Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vulnerability

Below you will find reports with the tag of “Vulnerability”

image from 2024 Insider Risk Investigations Report

2024 Insider Risk Investigations Report

Protecting trusted insiders (and the assets and systems they are entrusted with) against foreign influence is the ‘how to’ conversation to be having and solution to be driving for. This report is not just a platform for understanding the insider risk landscape. It is an invitation to uplift collaboration and best-practice information sharing with trusted allies to fortify the protective security resilience of our most missions critical agencies and entities.

(more available)
Added: April 16, 2024
image from The 2024 Vulnerability Statistics Report

The 2024 Vulnerability Statistics Report

The 9th edition of the Edgescan Vulnerability Stats Report 2024. This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2023. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses. The report provides a statistical model of the most common weaknesses faced by organizations to enable data-driven decisions for managing risks and exposures more effectively.

(more available)
Added: April 8, 2024
image from The 2023 State of Security Leadership

The 2023 State of Security Leadership

This research demonstrates the continual progression of a cybersecurity conundrum that has become an unfortunate but permanent part of the digital environment. Progress is being made, but new fronts open up and new challenges emerge in a seemingly endless cycle. As the need for security rises to a board level concern, cyber leaders are facing more strategic issues to defend against, even while ongoing threats persist. As those security leaders stand to meet the threats, it behooves organizational leaders to provide the support and resources necessary to help enable those they must count on to keep their enterprises safe.

(more available)
Added: April 8, 2024
image from H2 2022 State of the Cybersecurity Attack Surface

H2 2022 State of the Cybersecurity Attack Surface

The report stated that “Equifax lacked a comprehensive IT asset inventory, meaning it lacked a complete understanding of the assets it owned. This made it difficult, if not impossible, for Equifax to know if vulnerabilities existed on its networks. If a vulnerability cannot be found, it cannot be patched.” The Equifax case is one example of an existential and underreported cybersecurity issue: the vast majority of organizations do not have comprehensive visibility of every asset they need to secure.

(more available)
Added: April 6, 2024
image from State of the Cybersecurity Attack Surface - October 2023

State of the Cybersecurity Attack Surface - October 2023

In our third State of the Cybersecurity Attack Surface report, we continue to see enterprises struggle with many of the same issues they’ve been grappling with—they are blind to IT assets missing endpoint protection, patch management, and, as we now include in this report, vulnerability management. “Stale” IT assets continue to proliferate across corporate networks. Organizations are unnecessarily paying for unused licenses while facing budget cuts and economic challenges.

(more available)
Added: April 6, 2024
image from A Year in Review of Zero-Days Exploited In-the-Wild in 2023

A Year in Review of Zero-Days Exploited In-the-Wild in 2023

This report presents a combined look at what Google knows about zero-day exploitation, bringing together analysis from TAG and Mandiant holistically for the first time. The goal of this report is not to detail each individual exploit or exploitation incident, but look for trends, gaps, lessons learned, and successes across the year as a whole. As always, research in this space is dynamic and the numbers may adjust due to the ongoing discovery of past incidents through digital forensic investigations.

(more available)
Added: April 6, 2024
image from Flashpoint 2024 Global Threat Intelligence Report

Flashpoint 2024 Global Threat Intelligence Report

The Flashpoint 2024 Global Threat Intelligence Report offers a critical examination of the current threat environment. This year’s analysis goes beyond traditional threat intelligence, incorporating Flashpoint’s unparalleled data and insights to shed light on cyber threats, geopolitical turmoil, and escalating physical conflicts around the world. The goal: help your organization to strengthen its defenses, ensure operational resilience, and proactively confront multifaceted threats—thereby safeguarding critical assets, preventing financial losses, and protecting lives.

(more available)
Added: April 3, 2024
image from Zayo’s DDoS Insights Report – 2023 End of Year Review

Zayo’s DDoS Insights Report – 2023 End of Year Review

Attackers continue to gain ground. In 2023, the average duration of attacks increased by 403%. Read about DDoS trends and what you can do about them in Zayo’s DDoS Insights Report. This report contains insights, analysis, and conclusions about each industry under attack. Further, it provides you the steps to take to ensure your business isn’t harmed by the DDoS attacks heading your way.

(more available)
Added: March 25, 2024
image from Black Kite Third Party Breach Report 2024

Black Kite Third Party Breach Report 2024

The report sheds light on the sectors most at risk, with technical services vendors leading the breach statistics for the fourth consecutive year. Despite this, a silver lining emerges as a significant portion of these vendors demonstrated improvements in their cyber ratings postbreach. The healthcare sector continues to bear the brunt of these incidents, reinforcing the need for heightened security measures within this critical industry.

(more available)
Added: March 25, 2024
image from 2024 Annual Report

2024 Annual Report

The report presents the industry’s most comprehensive analysis of intelligence from 2023. It covers threat actors and their playbook of targets, methods, and attacks to help you eliminate blind spots in your current security posture. groups, and more for the year ahead. Wherever you are in your threat intelligence journey, you can use this report as a roadmap. It will help you strengthen your operations, create a forward looking strategy, and protect your organization’s data, intellectual property, and brand reputation.

(more available)
Added: March 23, 2024
image from WatchTower Intelligence-Drive Threat Hunting

WatchTower Intelligence-Drive Threat Hunting

In this special year-end edition of the WatchTower Digest, we discuss the threats we observed and investigated in 2023, and look ahead to the 2024 threat landscape. Our findings are based on SentinelOne’s Singularity telemetry across tens of millions of endpoints, operating across a diverse number of industries and global geographies.

(more available)
Added: March 19, 2024
image from AI Threat Landscape Report 2024

AI Threat Landscape Report 2024

In this report, we shed light on these vulnerabilities and how they impact commercial and federal organizations today. We provide insights from a survey of IT security and data science leaders navigating these challenges. We share predictions driven by data from HiddenLayer’s experiences securing AI in enterprise environments. Lastly, we reveal cutting-edge advancements in security controls for AI in all its forms.

(more available)
Added: March 12, 2024
image from Deepwatch 2024 Annual Threat Report

Deepwatch 2024 Annual Threat Report

This report sets itself apart with our proprietary data and insights derived from comprehensive detection coverage coupled with human-led expert investigation and confirmation of threats. The data that powers Deepwatch results from thousands of expert investigations across hundreds of thousands of protected systems. This report examines the broader landscape of threats that leverage techniques and other tradecraft. We also track specific threats associating malicious or suspicious activity with a new or existing threat activity cluster, specific malware variants, abuse of legitimate tools, and known threat actors. ATI continually tracks and analyzes threats throughout the year, publishing weekly threat intelligence reports.

(more available)
Added: March 12, 2024
image from Threat Monitor Annual Report 2023

Threat Monitor Annual Report 2023

In this year’s Annual Cyber Threat Monitor Report, we take a look back at the key events that shaped the cyber threat landscape in 2023, as well as looking ahead at the year to come, sharing insights from our Cyber Threat Intelligence team here at NCC Group. 2023 showed signs that the international community is beginning to take the threats from cyber adversaries more seriously. We saw several examples of coordinated law enforcement action against criminal groups, including key ransomware operators and individuals believed to be acting on behalf of foreign intelligence services.

(more available)
Added: March 12, 2024
image from The 2023 Arctic Wolf State of Cybersecurity Trends Report

The 2023 Arctic Wolf State of Cybersecurity Trends Report

The 2023 Arctic Wolf State of Cybersecurity Trends Report took the temperature of organizations around the globe and sought to understand not only their current and future concerns, but how they were responding to the problems that had plagued them in previous years. Our research shows that, despite the enduring nature of many of these challenges, organizations are making measurable strides in areas where progress has proven limited in previous years.

(more available)
Added: March 5, 2024
image from The Future of Application Security 2024

The Future of Application Security 2024

The third annual Future of Application Security survey reveals how key stakeholders are responding to this challenge. We surveyed 1504 developers, CISOs, and AppSec managers from a broad range of industries across the US, Europe, and Asia-Pacific regions. The responsibility has shifted away from dedicated security teams and is now shared between AppSec managers and developers.

(more available)
Added: March 5, 2024
image from 2024 Open Source Security and Risk Analysis Report

2024 Open Source Security and Risk Analysis Report

This report uses data from the Synopsys Black Duck Audit Services team’s analysis of anonymized findings from 1,067 commercial codebases across 17 industries during 2023. The Audit Services team has helped security, development, and legal teams around the world strengthen their security and license compliance programs for over 20 years. The team audits thousands of codebases for our customers each year, with the primary aim of identifying software risks during merger and acquisition (M&A) transactions.

(more available)
Added: March 5, 2024
image from Outbreak Alerts Annual Report 2023

Outbreak Alerts Annual Report 2023

In year 2023, FortiGuard Labs blocked 2.4 trillion vulnerability attempts and 3 billion malware deliveries to protect its customers from cyber threats. FortiGuard Labs escalated the significant threats through the Outbreak Alert system to raise awareness. These outbreaks highlighted the various targeted and 0-day attacks, weaponized vulnerabilities, malware/ ransomware campaigns, and OT/IoT threats launched last year.

(more available)
Added: March 5, 2024
image from 2023 Honeypotting in the Cloud Report

2023 Honeypotting in the Cloud Report

This research aims to equip cloud security professionals, DevOps, DevSecOps, CISOs, and development leaders with valuable insights and practical recommendations for safeguarding their cloud environments, and in doing so, help to secure the cloud for everyone. In some ways, our study confirmed what is already widely known: attackers are constantly scanning the Internet for lucrative opportunities.

(more available)
Added: March 5, 2024
image from 2024 State of Cloud Security report

2024 State of Cloud Security report

This report was compiled by analyzing data captured from billions of cloud assets on AWS, Azure, Google Cloud, Oracle Cloud, and Alibaba Cloud scanned by the Orca Cloud Security Platform. Leveraging unique insights into current and emerging cloud risks captured from the Orca Cloud Security Platform, this report reveals the most commonly found, yet dangerous, cloud security risks.

(more available)
Added: March 5, 2024
image from OT Cybersecurity The 2023 Year In Review

OT Cybersecurity The 2023 Year In Review

Dragos started the Year in Review to highlight significant trends in the OT cybersecurity community. This year’s report aims to go further by offering practitioners and leaders the most up-to-date data, along with perspectives from the field, to help them better defend critical infrastructure around the world. These perspectives are focused on providing actionable insights that have been tried and tested to help organizations effectively defend against and respond to industrial cyber threats.

(more available)
Added: February 29, 2024
  • ««
  • «
  • 3
  • 4
  • 5
  • 6
  • 7
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 1, 2025 00:08 UTC (build b1d7be4)