The 2022 SIEM Report is based on a survey of 348 cybersecurity professionals and represents one of the industry’s most comprehensive annual studies on SIEM, exploring the latest trends, key challenges, and solution preferences in this market. (more available)

The State of Pentesting: 2020 report assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. (more available)

An analysis on the indicators to be derived from detecting Internet of Things (IoT) in organization’s public internet facing profiles.

This report attempts to understand the theory and practice of web application security in organizations worldwide.

A review of web application vulnerabilities as seen through Acuentix’s web scans between March 2019 and February 2020.

This quarterly threat report offers insight into the DDoS attacks that occurred in the 2nd quarter of 2019.

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms. (more available)

The inaugural threat report from the AWS Shield managed security service. Primarily covers volumetric statistics seen on the AWS Shield platform. (more available)

Overview of deployment of TLS encryption in the general internet and Alex Top 1000 sites.

This report from Bromium offers insights into notable threats and events from 2019.

To shine a light on the availability of SSL/TLS certificates on the dark web, the Evidence-based Cybersecurity Research Group at the Andrew Young School of Policy Studies at Georgia State University and the University of Surrey spearheaded a research program, sponsored by Venafi. (more available)

The problem that occurs when applications deserialize data from untrusted sources is one of the most widespread security vulnerabilities to occur over the last couple years. (more available)

Using information from Rapid7’s Project Sonar internet telemetry service, this report reviews several dimensions of demonstrated security controls for companies in the S&P 200 and ASX (Australian) stock indices. (more available)

From this one page report, “Healthcare organizations possess some of the most valuable information exchanged on the black market, including social security numbers, patient records, financial information and intellectual property. (more available)

In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others. (more available)

This report provides new intelligence by the NCSC on two tools used by the Turla group to target the UK. It contains IOCs and signatures for detection by network defenders. (more available)

This paper is the result of forensic investigations by Kaspersky Lab at banks in two countries far apart. It reveals new modules used by Lazarus group and strongly links the tools used to attack systems supporting SWIFT to the Lazarus Group’s arsenal of lateral movement tools. (more available)

Multiple Polish banks have fallen victim to malware. This post contains what information was public about the attack at the time. (more available)

Have you ever wondered what 0 types of cyber attacks affect small to midsize businesses (SMBs) and distributed enterprises (DEs)? Well, you’ve come to the right place. (more available)

This document discusses the vulnerabilities discovered by edgescanTM over the past year – 2015. The vulnerabilities discovered are a result of providing continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises; Telecoms & Media, Software Development, Gaming, Energy and Medical organizations. (more available)

This is a report on cloud security trends.