Pages
Posts
Analysis
- Application Security and "Typical" Fix Times
- Application Security and Burstiness
- Bridging 18y Studying Cyber Risk in Supply Chains
- Call for Sponsors: Meta-Study on ATT&CK techniques
- Cisco Security Outcomes Study Methodology Post II: The Rise of Item Response Theory
- Cisco Security Outcomes Study methodology post! Attention Stats Nerds!
- Communicating Risk: Loss Exceedance Curves
- Don't fear the smoother
- EPSS version 2 is out!
- Finally - A Properly Sampled Security Survey
- Finding (san)Key Protections Against Ransomware
- Gain Confidence with Confidence Intervals
- I Once Called Vuln Researchers NVPs; Are They MVPs Instead?
- IRIS Tsunami - Lessons from 50 of the largest multi-party cyber incidents
- Looking Back on 2021
- Measuring Ransomware, Part 1: Payment Rate
- Measuring Ransomware, Part 2: Ransom Demands
- Measuring Ransomware, Part 3: Prevalence
- Patching Is *Much* Slower Without Vendor Support
- Paying Ransoms & Information Asymmetry
- Probability of Zero-Day Co-Discovery at Scale
- Revisiting GitHub as a Source for Exploits
- Revisiting the Ripple Effect in Breaches - What's Making Waves in 2021?
- Salving Human Risk in Cybersecurity
- Survival in Application Security
- Ternary plots for visualizing (some types of) 3D data
- What Matters More in Software Security - Nature or Nurture?
- Who Has the Advantage - Attackers or Defenders?
News
- And we’re live!
- Call for Participation: 2018 Cyber Balance Sheet
- Cyentia Podcast
- Cyentia Starting a Study and Seeking SOCs
- EPSS version 2 is out!
- GitHub: A Source for Exploits
- Help Save the Cybersecurity Research Library!
- Introducing Cyentia's new data scientist
- Introducing the Cyentia Library
- IRIS 20/20 Webinar - Audience Questions
- IRIS 20/20 Xtreme Webinar - Audience Questions
- Re-introducing the Cyentia Research Library
- Seeking Sponsor for Study on Extreme Cyber Loss Events
Report
- Application Security and "Typical" Fix Times
- Application Security and Burstiness
- Bridging 18y Studying Cyber Risk in Supply Chains
- Cyentia Institute Publishes Groundbreaking Research on the Frequency and Cost of Breaches
- Cyentia Institute Publishes IRIS Xtreme on the 100 Largest Cyber Loss Events
- Finding (san)Key Protections Against Ransomware
- I Once Called Vuln Researchers NVPs; Are They MVPs Instead?
- Internet Risk Surface in the Financial Sector
- IRIS 20/20 Webinar - Audience Questions
- IRIS 20/20 Xtreme Webinar - Audience Questions
- IRIS Tsunami - Lessons from 50 of the largest multi-party cyber incidents
- New Research: Striking Security Gold
- New Research: Voice of the Analyst Study
- Paying Ransoms & Information Asymmetry
- Prioritization to Prediction, Vol 3: Wade’s Take
- Road to SecOps Maturity study released
- Salving Human Risk in Cybersecurity
- What Matters More in Software Security - Nature or Nurture?
- Who Has the Advantage - Attackers or Defenders?
© Copyright 2023 Cyentia Institute