Application Protection Research Series

We focus on applications because your adversaries focus on applications.

Applications have become the focal point of the Internet, the workhorses behind organizations of all types. Attackers have figured this out, and they target applications more than anything else (besides people). This research series ties together trends and data from a number of perspectives to give an overall picture of the application security threat landscape.

2020 APPLICATION PROTECTION REPORT

DoS and Password Attacks

Looking at three years of reported security incidents shows continued growth in denial-of-service and password login attacks (32% of all reported security incidents) such as brute force and credential stuffing. DoS showed tremendous growth in APCJ and EMEA.

2020 APPLICATION PROTECTION REPORT

Recent Cyberattacks

To help defenders preempt web attacks, we did an analysis of more than one million recent cyberattacks and scans from Q3 2020. See which techniques and systems attackers are focusing on right now, so that you recognize them when they hit your logs!

2020 APPLICATION PROTECTION REPORT

API Authentication Incidents

The second volume of the 2020 Application Protection Report explores how API authentication goes wrong, what happens when it does, and what you can do to make sure it doesn’t.

2020 APPLICATION PROTECTION REPORT

APIs, Architecture, and Making Sense of the Moment

APIs have become critical for business online, but they are also leading to more security incidents, most of which should have been preventable. The first volume of the 2020 Application Protection Report explores the risk landscape around APIs, and sets the stage for a deeper exploration of application architecture and how it relates to risk.

Previous Episodes


See the Lifecycle of the 4 Major Attack Types:

Click through the animations below to understand how different attacks unfold.
 

Related Content

Read additional content here from our 2018 Report