Cyentia Cybersecurity Research Library

Web Application

Below you will find reports with the tag of “Web Application”

The 2023 State of the Internet Report

This year, we delve deeper into web entities, or content served over HTTP – think websites, web-based control panels, load balancers, and even APIs. Web entities have become a ubiquitous part of our daily lives, enabling us to shop, read the news, and stay in touch with loved ones. Our goal is to share our findings and analysis with the community to provide a deeper understanding of the complexities of the internet. We hope that readers can use these findings to enhance their understanding of the services that comprise the web and make more informed decisions about how to safeguard their digital assets.

Added: November 6, 2023

Slipping Through the Security Gaps

In this edition of the State of the Internet/Security (SOTI) report, we continue to research the array of attacks observed in web applications and APIs, their impacts on the organization, and how vulnerabilities figure in the API landscape. Our goal is to illustrate the dangers posed by web application and API attacks, with recommendations on how to successfully defend your network against such attacks.

Added: August 11, 2023

2022 Global Threat Analysis Report

Radware’s 2022 Global Threat Analysis Report reviews the year’s most important cybersecurity events and provides detailed insights into the attack activity of 2022. The report leverages intelligence provided by Radware’s Threat Intelligence Team, and network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network and Threat Research team.

Added: February 23, 2023

Cyber Threat Index 2023

This report includes insights on internet security, cyber risk, and security trends that organizations have faced over the last year and what they need to prepare for in 2023. We’re sharing the critical information and our insights to help decision-makers in the information security community and insurtech sectors better understand the cyber risk landscape. Coalition’s data set includes internet scans of 5.2 billion IP addresses, an impressive number that comprises the entire IPv4 address space and relevant IPv6 addresses.

Added: February 3, 2023

Enterprise Application Security

The goal of this Trend Report is to equip developers with the tools, best practices, and advice they need to help implement security at every stage of the SDLC.

Added: December 16, 2022

SIEM Report 2022

The 2022 SIEM Report is based on a survey of 348 cybersecurity professionals and represents one of the industry’s most comprehensive annual studies on SIEM, exploring the latest trends, key challenges, and solution preferences in this market.

Added: July 5, 2022

The State of Pentesting: 2020

The State of Pentesting: 2020 report assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. The scope of this exploration is black-box penetration testing (“humans”) against dynamic scanning and out-of-band testing (“machines”) for web applications.

Added: May 16, 2022

Internet of Tip-offs (IoT)

An analysis of the indicators to be derived from detecting Internet of Things (IoT) in an organization’s public internet-facing profiles.

Added: January 26, 2021

New Vulnerability Found: Executive Overconfidence

This report attempts to understand the theory and practice of web application security in organizations worldwide.

Added: October 14, 2020

Web Application Vulnerability Report 2020

A review of web application vulnerabilities as seen through Acunetix’s web scans between March 2019 and February 2020.

Added: September 30, 2020

DDoS Threat Report Q2 2019

This quarterly threat report offers insight into the DDoS attacks that occurred in the 2nd quarter of 2019.

Added: September 16, 2020

Weaving a Safer Web: The State and Significance of TLS 1.2 Support

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms.

Added: July 6, 2020

AWS Shield: Threat Landscape Report - Q1 2020

The inaugural threat report from the AWS Shield managed security service. Primarily covers volumetric statistics seen on the AWS Shield platform.

Added: June 1, 2020

2019 TLS Telemetry Report

Overview of the deployment of TLS encryption in the general internet and Alexa Top 1000 sites.

Added: April 17, 2020

Bromium Insights Report: April 2019

This report from Bromium offers insights into notable threats and events from 2019.

Added: May 18, 2019

SSL/TLS Certificates and Their Prevalence on the Dark Web (First Report)

To shine a light on the availability of SSL/TLS certificates on the dark web, the Evidence-based Cybersecurity Research Group at the Andrew Young School of Policy Studies at Georgia State University and the University of Surrey spearheaded a research program, sponsored by Venafi. This report details the preliminary findings of the research and outlines the volume of SSL/TLS certificates for sale on the dark web, including information on how they are packaged and sold to attackers. These certificates can be used to eavesdrop on sensitive communications, spoof websites, trick consumers and steal data. The long-term goal of this research is to gain a more thorough understanding of the role SSL/TLS certificates play in the economy of the dark web as well as how they are being used by attackers.

Added: May 3, 2019

The Deserialization Problem

The problem that occurs when applications deserialize data from untrusted sources is one of the most widespread security vulnerabilities to occur over the last couple of years. This article will provide background on the deserialization vulnerability, describe the limitations of the existing mitigation techniques and explain why Waratek’s Compiler Based solution is ideal in solving this problem.

Added: March 26, 2019

Industry Cyber-Exposure Report: ASX 200

Using information from Rapid7’s Project Sonar internet telemetry service, this report reviews several dimensions of demonstrated security controls for companies in the S&P 200 and ASX (Australian) stock indices.

Added: March 16, 2019

2018 Healthcare Threat Report

From this one page report, “Healthcare organizations possess some of the most valuable information exchanged on the black market, including social security numbers, patient records, financial information and intellectual property. To help you understand the common attack types and trends facing the healthcare industry, we’ve compiled the following observations based on real data from across our client base.”

Added: February 5, 2019

Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor’s Repository

In mid-July, Palo Alto Networks Unit 42 identified a small targeted phishing campaign aimed at a government organization. While tracking the activities of this campaign, we identified a repository of additional malware, including a web server that was used to host the payloads used for both this attack as well as others. We’ll discuss how we discovered it, as well as possible attribution towards the individual behind these attacks.

Added: November 15, 2018

Turla group using Neuron and Nautilus tools alongside Snake malware

This report provides new intelligence by the NCSC on two tools used by the Turla group to target the UK. It contains IOCs and signatures for detection by network defenders.

Added: November 15, 2018
© Cyentia Institute 2025
Library updated: June 24, 2025 04:08 UTC (build b1d7be4)