This is an annual report that discusses the latest malware and hacking trends in compromised websites.

The goal of this report is to shed some light on the current threat landscape for organizations, assess the strengths and weaknesses of current vulnerability evaluation systems such as CVSS, (Common Vulnerability Scoring System) and explore additional metrics for determining the risk of a vulnerability.

The Annual Cybersecurity Report highlights the relentless push-and-pull dynamic between cyber attackers and cyber defenders. It is intended to help organizations respond effectively to today’s rapidly evolving and sophisticated threats.

In this report, they examine that series of interacting tiers—application services, application access, Transport Layer Security (TLS), domain name services (DNS), and the network—because each one is a potential target of attack.

This report answers some questions about Bug Bounty organizations.

This report looks at China’s evolving approach to integrated strategic deterrence. Drawing on a variety of Chinese military writings, this report explores the origins of this concept, how it relates to Chinese development of counter-intervention capabilities, and how Beijing’s assessment of its external security environment influences its requirements.

This is a report on cloud security trends.

This report was created to present The Cyber-Value Connection, which is intended to put cyber security in a context that will resonate with business leaders. The Cyber-Value Connection looks at the reduction in company value that arises from a cyber breach, vividly demonstrating how a sever incident leads to a decline in share price.

This whitepaper explains the trends and developments in computing that have made host-based behavioral analysis and exploit interception necessary elements of computer security and provides an overview of the technology and methodology used by DeepGuard, the Host-based Intrusion Prevention System (HIPS) of F-Secure’s security products.

From the Report, “This year’s GTIR utilizes the Center for Internet Security’s Critical Security Controls to identify controls that can be effective at each stage of the Lockheed Martin Cyber Kill Chain® (CKC) . By ensuring that controls exists for each stage of the CKC, organizations can increase their ability to disrupt attacks . We’ve dedicated an entire section and case study to a Practical Application of Security Controls to the Cyber Kill Chain.”

This report is focussed on providing insights based on events in 2017.

This research presets a list of vectors commonly used by attackers to compromise internal networks after achieving initial access. It delivers recommendations on how to best address the issues. The goal is to help defenders focus efforts on the most important issues by understanding the attackers’ playbook, thereby maximizing results.

This technical white paper describes a new approach to identifying your most critical web application vulnerabilities faster and at lower cost.

The term “exposure” can mean many things. In the context of this report, they define “exposure” as offering services that either expose potentially sensitive data over cleartext channels or are widely recognized to be unwise to make available on the internet, such as database systems. They looked for the presence of 30 of the most prevalent TCP services across the internet, tallied up the results and performed cross-country comparisons to produce a National Exposure Index, a ranked aggregation of the results of Rapid7’s internet-wide scans of 16 usually cleartext or highly targeted common services, based on the in-country prevalence of those services.

This report discusses the proper workflows in Security Optimization.

This report focuses on software vulnerabilities, software vulnerability exploits, malware, and unwanted software. It is the hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.

This paper answers questions about what the deserialization vulnerability is, and what the challenges are to solving it.

Subtitled “Cyber Attacks: Can the Market Respond?”

This report can help you learn how to become more resilient to new attacks and compete more safely in the digital age.

This is an annual report that discusses the latest malware and hacking trends in compromised websites.

This report, based on responses from nearly 200 IT and security practitioners surveyed, explores the current state of vulnerability risk management, the challenges that directly impact the remediation process, and the outlook for improvement in the coming year. In addition, compliance drivers and executive awareness of information security threats are considered to demonstrate their influence on effective vulnerability risk management.