Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vulnerability

Below you will find reports with the tag of “Vulnerability”

image from Security Navigator 2024

Security Navigator 2024

The Security Navigator reflects first and foremost the reality of the conflictual nature of cyber warfare. It mirrors the disinhibition of threat actors motivated by state strategies or hacktivism as well as criminal opportunities. In this environment, espionage, sabotage, disinformation and extortion are becoming increasingly intertwined. This document is also intended to become the cornerstone of the partnership of trust that we wish to build with you. It must enrich our debates within a community that is still too isolated.

(more available)
Added: December 5, 2023
image from The State of Web Application Security

The State of Web Application Security

The 2023 State of Web Application Security Report investigates the evolving security practices, tools, and technologies employed by organizations worldwide to enhance file upload security. 97% of survey participants reported using containers in environments that host web applications. Additionally, web applications that accept file uploads are increasingly being hosted on cloud-based platforms, including both Infrastructure as a Service (IaaS) and Software as a Service (SaaS) solutions

(more available)
Added: November 30, 2023
image from Global Threat Intelligence Report 2023

Global Threat Intelligence Report 2023

The BlackBerry Global Threat Intelligence Report has become a key reference guide for cybersecurity professionals worldwide, including CISOs and other decision makers, to keep the security community informed of the latest cybersecurity threats and challenges globally affecting their industries and platforms. This report covers threats encountered in June 2023 through August 2023. It examines the challenges faced by many industry sectors, with a focus on protecting government and public entities, risks within the healthcare sectors, safeguarding critical infrastructure, and the importance of protecting vulnerable entities within the financial sector.

(more available)
Added: November 29, 2023
image from Vulnerability and threat trends report 2023

Vulnerability and threat trends report 2023

Our findings in this year’s Skybox Vulnerability and Threat Trends Report, detailed below, make the urgency of the situation abundantly clear. Vulnerabilities have skyrocketed, eclipsing all previous records. Attacks are increasing in velocity and impact. Threat actors are targeting more sensitive assets and inflicting more damage. They are better organized—backed increasingly by large crime rings and nation-states—and are employing more sophisticated tools and tactics, such as a growing assortment of backdoor malware and advanced persistent threat (APT) attacks.

(more available)
Added: November 14, 2023
image from Voice of a Threat Hunter

Voice of a Threat Hunter

This report helps uncover vulnerabilities missed by traditional security tools and detect unnoticed malicious activities. To understand how security professionals utilize threat hunting, we surveyed 218 security analysts to identify effective strategies, challenges, and metrics for success.

(more available)
Added: November 14, 2023
image from Software Supply Chain Security Risk Report

Software Supply Chain Security Risk Report

In April 2023, ReversingLabs partnered with Dimensional Research to survey 321 security and IT professionals on their software supply chains for its report, “Software Supply Chain Security Risk Survey.” This analysis presents key findings and actionable recommendations for security organizations in four key areas: traditional applications security shortcomings, software supply chain complexity and security, security in software development and enterprise-wide security risks.

(more available)
Added: November 6, 2023
image from Cloud Detection and Response: Market Growth as an Enterprise Requirement

Cloud Detection and Response: Market Growth as an Enterprise Requirement

Increasingly dynamic cloud environments are presenting visibility challenges for security. Indeed, the majority of organizations claim that lack of access to physical networks, the dynamic nature of cloud-native applications, and elastic cloud infrastructure create blind spots, making security monitoring challenging. SOC teams need to address this cloud visibility gap by collecting, processing, monitoring, and acting upon information from an assortment of cloud security telemetry sources.

(more available)
Added: November 6, 2023
image from The 2023 State of the Internet Report

The 2023 State of the Internet Report

This year, we delve deeper into web entities, or content served over HTTP – think websites, web-based control panels, load balancers, and even APIs. Web entities have become a ubiquitous part of our daily lives, enabling us to shop, read the news, and stay in touch with loved ones. Our goal is to share our findings and analysis with the community to provide a deeper understanding of the complexities of the internet. We hope that readers can use these findings to enhance their understanding of the services that comprise the web and make more informed decisions about how to safeguard their digital assets.

(more available)
Added: November 6, 2023
image from The 2023 Cybersecurity Research Report

The 2023 Cybersecurity Research Report

The objective with this research was to gather the perspectives and priorities of global IT leaders who are considering leveraging cybersecurity best practices to spur growth in their organizations. Through the survey, we were able to pinpoint areas of investment, operational challenges and potential threats while gauging an outlook on the future.

(more available)
Added: October 18, 2023
image from 2023 Comcast Business Cybersecurity Threat Report

2023 Comcast Business Cybersecurity Threat Report

The 2023 Comcast Business Cybersecurity Threat Report was developed to help technology and security leaders get a deeper understanding of trends in cybersecurity threats—and the steps they can take to help protect their organizations from an evolving set of threats. Our goal is to provide insights from billions of threat data points and context around common ways that cybersecurity attacks arise and unfold.

(more available)
Added: October 18, 2023
image from The Future of Cloud Security

The Future of Cloud Security

Cloud security risks and vulnerabilities are on the rise and 30% of businesses fail to apply adequate security controls or provide the tools security and DevOps engineers really need to solve this problem. Unprecedented and rapid expansion to the cloud, prompted by many organizations’ digital transformation also means that cloud services are expanding faster than ever before. AWS alone has experienced over 1000% growth in services since 2013.

(more available)
Added: October 18, 2023
image from State of Play Report

State of Play Report

The United Kingdom’s National Cyber Security Centre (NCSC) found that cyberattacks against sports organizations are increasingly common, with 70% of those surveyed experiencing at least one attack per year, significantly higher than the average across businesses in the United Kingdom. In this edition we offer first hand learnings about how threat actors assess and infiltrate these environments across venues, teams, and critical infrastructure around the event itself.

(more available)
Added: October 10, 2023
image from 2023 Microsoft Digital Defense Report

2023 Microsoft Digital Defense Report

In this fourth annual edition of the Microsoft Digital Defense Report, we draw on our unique vantage point to share insights on how the threat landscape has evolved and discuss the shared opportunities and challenges we all face in securing a resilient online ecosystem which the world can depend on.

(more available)
Added: October 10, 2023
image from PASTA: Process for Attack Simulation & Threat Analysis

PASTA: Process for Attack Simulation & Threat Analysis

Process for Attack Simulation and Threat Analysis (PASTA) is a threat modeling methodology, co-developed by VerSprite’s CEO Tony UcedaVelez. It provides a process for simulating attacks to applications, analyzing cyberthreats that originate them, and mitigating cybercrime risks that these attacks and threats pose to organizations. The process is employed by security professionals across industries to prioritize risks and develop a mature cybersecurity framework that is woven into the business culture and the application development process.

(more available)
Added: October 3, 2023
image from 2023 Cyber Claims Report Mid-year Update

2023 Cyber Claims Report Mid-year Update

Coalition’s 2023 Cyber Claims Report: Mid-year Update features data from organizations across the United States. Cyber risk is global in nature, and we believe the trends and risk mitigation strategies within this report are applicable regardless of location. We’re proud to share these insights to help our policyholders, broker partners, and others in the cyber insurance industry stay informed about the ever changing threat landscape.

(more available)
Added: September 29, 2023
image from Coalfire's 5th Annual Penetration Risk Report

Coalfire's 5th Annual Penetration Risk Report

Coalfire’s 5th Annual Penetration Risk Report confirms that enterprise security teams in key industry sectors are starting to embrace continuous penetration testing as a core component of a comprehensive defensive strategy. The report reveals gaps on an expanding attack surface, showing that organizations face ever-greater difficulties mitigating modern attacks.

(more available)
Added: September 26, 2023
image from The Business Case for Unifying Security and Observability

The Business Case for Unifying Security and Observability

Organizations are developing new applications as part of an overall movement toward digitally transforming business operations. Many executives and board members still consider these purely technology problems, but this perception is greatly mistaken. Given the potential business impact, they should accept these as business issues. Ensuring system security and resilience must be addressed as part of business planning, risk management, and operations.

(more available)
Added: September 21, 2023
image from 2023 State of Mobile App Security

2023 State of Mobile App Security

Today’s apps are multifunctional, combining communication, collaboration, and commerce. The fragmentation of mobile devices, cloud computing, and third-party components and services have changed how apps store, transmit, and process data. As a result, sensitive information is at risk thanks to the expansion of the attack surface and the rapid evolution of threats.

(more available)
Added: September 21, 2023
image from 1H Global Threat Landscape Report August 2023

1H Global Threat Landscape Report August 2023

In 1H 2023, we observed significant activity among advanced persistent threat (APT) groups, a rise in ransomware frequency and complexity, increased botnet activity, a shift in MITRE ATT&CK techniques used by attackers, and more. As we examine activity in the first half of 2023, we see cybercrime organizations and nation-state cyber-offensive groups swiftly adopting new technologies. Notably, some of these actors operate much like traditional enterprises, complete with well-defined responsibilities, deliverables, and objectives.

(more available)
Added: September 15, 2023
image from 2023 H1 Threat Review

2023 H1 Threat Review

In the first half of 2023, Forescout Vedere Labs has published numerous blog posts and reports sharing analyses of prominent vulnerabilities, threat actors and malware. In this report, we look back at the research we published in the period of January 1 to July 31, 2023 (2023 H1) as well as other important events and data that we have not covered in the same period to emphasize the evolution of the threat landscape.

(more available)
Added: September 8, 2023
image from 2023 State of Vulnerability Management

2023 State of Vulnerability Management

This survey was designed to shed light on current practices, obstacles, and perspectives in vulnerability management. Through understanding how organizations are tackling these challenges, the “2023 State of Vulnerability Management” report offers strategic insights and industry benchmarks.

(more available)
Added: September 1, 2023
  • ««
  • «
  • 5
  • 6
  • 7
  • 8
  • 9
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 1, 2025 08:08 UTC (build b1d7be4)