Application Protection Research Series

We focus on applications because your adversaries focus on applications.

Applications have become the focal point of the Internet, the workhorses behind organizations of all types. Attackers have figured this out, and they target applications more than anything else (besides people). This research series ties together trends and data from a number of perspectives to give an overall picture of the application security threat landscape.

2021 APPLICATION PROTECTION REPORT

Of Sectors and Vectors

Our first supplemental piece to the 2021 Application Protection Report is a detailed examination of how attack chains vary by targeted industrial sector. This also provides some insight into how sectoral analyses compare with other kinds of security intelligence and how best to use them.

2021 APPLICATION PROTECTION REPORT

Of Ransom and Redemption

We dive ever deeper into the changing threat landscape, unpacking the evolution of formjacking to fit a wider target profile, as well as the evolution of ransomware from a niche attack to the latest default. We also analyze and visualize attack chains in greater detail using the ATT&CK framework.

2020 APPLICATION PROTECTION REPORT

DoS and Password Attacks

Looking at three years of reported security incidents shows continued growth in denial-of-service and password login attacks (32% of all reported security incidents) such as brute force and credential stuffing. DoS showed tremendous growth in APCJ and EMEA.

2020 APPLICATION PROTECTION REPORT

Recent Cyberattacks

To help defenders preempt web attacks, we did an analysis of more than one million recent cyberattacks and scans from Q3 2020. See which techniques and systems attackers are focusing on right now, so that you recognize them when they hit your logs!

Previous Episodes


See the Lifecycle of the 4 Major Attack Types:

Click through the animations below to understand how different attacks unfold.
 

Related Content

Read additional content here from our 2018 Report