Cyentia Cybersecurity Research Library

Vulnerability

Below you will find reports with the tag of “Vulnerability”


Exploring Coordinated Disclosure: Shedding Light on Perceptions and Experience in How Software Vulnerabilities are Reported

Veracode commissioned this survey from 451 Research to understand how widely accepted and practiced coordinated disclosure – whereby a security researcher identifies a flaw and notifies the company, then the two work together to fix and publicly disclose the flaw – really is and where the pain points reside. In addition, we wanted to explore the means organizations have established to receive vulnerability reports, and the attitudes toward a coordinated disclosure policy on both sides of the organization and among external security researchers. We also sought a deeper understanding of the motivations of security researchers, actions when a vulnerability is identified, timing for disclosure, desired outcomes, how organizations structure disclosure policies, and the effectiveness of bug bounties.

Added: February 12, 2020

The state of JavaScript frameworks security report 2019

This report covers: the security practices of the two core projects, Angular and React; the state of security of each of the two module ecosystems, based on an in-depth look at the vulnerabilities contained in each; the security practices of other common JavaScript frontend framework alternatives such as Vue.js, Bootstrap and jQuery; and the significant security differences between the alternatives, particularly between Angular and React.

Added: February 12, 2020

2nd Annual Penetration Risk Report 2019

This report covers penetration prevention in the last year. It covers changes in penetration prevention such as the levels of risk incurred by applications, the way the shift to the cloud affects risk, and how the size of the business affects risk.

Added: February 12, 2020

The State of Open Source Security Report

This report outlines the state of open source security, including open source adoption, known vulnerabilities, and vulnerability identification.

Added: February 7, 2020

2019 Healthcare Report

This report goes in-depth into trends in healthcare data security, surveying 26,000 companies and analyzing terabytes of information.

Added: February 7, 2020

2020 Sonicwall Cyber Threat Report

Sonicwall outlines the changes in the threat landscape in 2020 for companies to utilize.

Added: February 6, 2020

AppSec Trend Report

A report by DZone showing trends in the changing AppSec industry.

Added: December 2, 2019

How Lucrative are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain

This report explores the vulnerability-to-exploit (V2E) cybercrime and cybersecurity supply chain, outlines the players in the different market segments and provides insights into the related economic drivers.

Added: November 26, 2019

Vulnerability QuickView Report Q3 2019

Risk Based Security has been sharing our Vulnerability QuickView reports with the world, providing detailed analysis on the vulnerability landscape based on data from our vulnerability intelligence product, VulnDB. Continuing from our previous 2019 Mid-Year report, this edition of the QuickView delves into the months of August through October. The information collected is displayed in a series of charts depicting various groupings, classifications, insights, and comparisons of the data.

Added: November 25, 2019

State of Software Security Volume 10

This report goes in depth on the state of software security, going into overall security, application security testing, how flaws are and are not equal, and security debt.

Added: November 25, 2019

Road to Security Operations Maturity

A survey of over 250 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

Added: November 25, 2019

Quarterly Threat Landscape Report Q3 2018

This publication from Fortinet looks at how the threat landscape has changed in the third quarter of 2018 by doing data-driven analysis with some noteworthy events pulled from Q3 2018 headlines.

Added: October 1, 2019

Fortinet Quarterly Threat Landscape Report Q1 2019

This is a quarterly publication from Fortinet that looks at how the threat landscape has changed in the first quarter of 2019.

Added: October 1, 2019

Fortinet Quarterly Threat Landscape Report Q2 2019

This is a quarterly publication from Fortinet that looks at the current cyber security threats from April 1 to July 1.

Added: October 1, 2019

State of Cybersecurity Report 2019

From the report, “[This] report also captures the changing strategies used by attackers and highlights how organizations today are bolstering their defenses to stay one step ahead. It concludes with a peek into the cybersecurity areas that will be pertinent in the near future. We hope that you will benefit from the global and industry-specific insights available in this edition of the State of Cybersecurity Report and that together, we will be able to make our enterprises more resilient to withstand and recover from future attacks!”

Added: September 18, 2019

State of the Internet: Media Under Assault

From the report, “From January 2018 through June 2019, Akamai recorded more than 61 billion credential stuffing attempts and more than 4 billion web application attacks. In this special edition of the State of the Internet / Security Report, we’re focusing on data within the high tech, video media, and entertainment sectors — collectively named Media & Technology.”

Added: September 18, 2019

Prioritization To Prediction Volume 4: Measuring What Matters in Remediation

This research was commissioned by Kenna Security. Kenna collected and provided the remediation dataset to the Cyentia Institute for independent analysis and drafting of this report.

Added: September 18, 2019

1H 2019 Vulnerability and Exploit Trends

This is a summary of vulnerability trends observed and investigated by the eSentire Security Operations Center (SOC) in 1H 2019.

Added: September 18, 2019

The Economics of Penetration Testing for Web Application Security

This white paper describes the critical role of pen testing for web applications. It explores the economics of “classic” pen testing and considers a variety of unseen costs and points of diminishing value. The paper concludes by describing a next-generation hybrid application-security-testing-as-a-service and how it can help bring the flexibility in applying both automated app testing tools (DAST) and the human expertise of ethical hackers (pen testing) to this challenge.

Added: September 18, 2019

Priority One: The State of Crowdsourced Security In 2019

From the report, “It is clear that there is no shortage of vulnerabilities to find. In the last year, Bugcrowd saw a 92% increase in total vulnerabilities reported over the previous year. The average payout per vulnerability increased this year by a whopping 83%, with average payouts for critical vulnerabilities reaching $2,669.92 — a 27% increase over last year.”

Added: September 18, 2019

The DevSecOps Approach

This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance.

Added: September 18, 2019
© Cyentia Institute 2025
Library updated: July 4, 2025 12:08 UTC (build b1d7be4)