{"id":51213,"date":"2023-03-28T20:24:00","date_gmt":"2023-03-28T20:24:00","guid":{"rendered":"https:\/\/www.darkreading.com\/cloud\/millions-pen-tests-companies-security-posture-getting-worse"},"modified":"2023-03-28T20:24:00","modified_gmt":"2023-03-28T20:24:00","slug":"millions-of-pen-tests-show-companies-security-postures-are-getting-worse","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/","title":{"rendered":"Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse"},"content":{"rendered":"

The risk score for the average company worsened in the past year as companies fail to adapt to data exfiltration techniques and adequately protect Web applications.<\/p>\n

Companies’ effective data-exfiltration risk increased to 44 out of 100 (with 100 indicating having the riskiest posture) in 2022, from an average score of 30 in the previous year, indicating that the overall risk of data being compromised has increased. That’s according to rankings by Cymulate, which crunched the data on 1 million pen tests, including 1.7 million hours of offensive cybersecurity testing within its production environments.<\/p>\n

In its “2022 State of Cybersecurity Effectiveness” report, published on March 28, the firm noted that there are various persistent problems leading to increased risk. For one, while many companies are improving their adoption and the strictness of network and group policies, attackers are adapting to sidestep such protections, the report stated. <\/p>\n

And the basics continue to lag: The company found that four of the top-10 CVEs identified in customer environments were more than two years old. These include the high-severity WinVerifyTrust signature validation vulnerability (CVE-2013-2900<\/a>), which can allow malicious executables to pass security checks, and a memory corruption vulnerability in Microsoft Office (CVE-2018-0798<\/a>).<\/p>\n

\n\"Cymulate-Risk-Scores.png\"\n<\/picture>
How Cymulate scores risk. Source: Cymulate<\/figcaption><\/figure>\n

There is good news, however. Data from the security assessments indicates that companies have all improved risk scores for malware detection across major platforms, and many attacks are blocked by Web gateways. <\/p>\n

Overall, businesses need to treat cybersecurity like any other business process, with regular checks on controls, says Mike DeNapoli, director of technical messaging for Cymulate.<\/p>\n

“Cybersecurity needs to become a process treated like any other business process, with checks and balances and regular review,” he says. “The CFO would never permit the books to remain closed except for once per year, but the systems that house all that money as data routinely only get checked out during an annual pen-test, which has to change.”<\/p>\n

All of this comes against the backdrop that companies are increasingly focused on securing their entire attack surface, improving resiliency to cyberattacks, and preventing disruption of information systems. As a result, cybersecurity services and products that reduce complexity<\/a> have become more popular while large technology firms have thrown their hat into the ring, such as Microsoft’s launch of Defender External Attack Surface Management<\/a> in August and IBM’s purchase of ASM startup Randori<\/a> in June. Time will tell if these trends will move the needle on risk.<\/p>\n

\n\"Bar\n<\/picture>
While the exposure risk due to WAFs has dropped, data-exfiltration risk has increased. Source: Cymulate<\/figcaption><\/figure>\n

Meanwhile, Cymulate’s analysis<\/a> of a year of offensive cybersecurity testing also found that cloud and email continue to provide rich sandboxes for hackers.<\/p>\n

Attacks Increasingly Coming From Popular Clouds<\/h2>\n

Attackers have shifted some aspects of their attacks away from using popular file sharing services, such as Dropbox and Box to evade email attachment filters and other security technologies, to using more generic cloud infrastructure, such as Amazon and Azure. Businesses have a harder time blocking data from large, trusted service providers, which serve as the backbone for many large cloud services and websites, DeNapoli says.<\/p>\n

“These metrics are applied to hundreds of attempts to remove data that should be considered ‘controlled’ from the organization,” he says. “This increase means that organizations have less control over preventing business confidential, personally identifiable, and other controlled data from being removed from the organization in unauthorized ways.”<\/p>\n

The top most successful tactics used by simulated attackers in the Cymulate research included attacking users through their browsers in a drive-by compromise scenario<\/a>, archiving and exfiltrating data<\/a>, and transferring that data to a cloud account<\/a>, such as AWS or Azure.<\/p>\n

“Email Defenses Are a Team Sport”<\/h2>\n

Nearly half of the top 10 exposures uncovered by Cymulate’s pen testing involved a lack of security for basic IT infrastructure. The simulations discovered that common issues included not recognizing phishing domains, a failure to configure DNSSEC, and a lack of two technologies \u2014 Domain-based Message Authentication, Reporting, and Conformance (DMARC) and Sender Policy Framework (SPF) \u2014 that can help stop email-based attacks.<\/p>\n

Overall, companies have been slow to deploy critical email security and integrity technologies, such as DMARC, SPF, and a third technology, Domain Keys Identified Mail (DKIM) \u2014 together which can help prevent phishing success and brand fraud. While companies which implement DMARC, DKIM, and SPF records <\/a>can better protect against email-based attacks, the technology standards are only truly effective if both sides of an exchange are using them, DeNapoli says.<\/p>\n

“We need to begin to recognize that email defenses are a team sport and implement our part of the processes so others can be safer,” he notes. “The benefit is that as more and more organizations implement these processes, our organization also becomes safer.”<\/p>\n

The report also showed that different industries have different strengths and weaknesses. The education and hospitality sectors, for example, had the highest risk of data exfiltration, while protections against the most immediate threats were lowest in the technology sector. Both technology and government organizations had worse-than-average Web application firewall protection.<\/p>\n

Read More HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

A lack of website protections, Sender Policy Framework (SPF) records, and DNSSEC configurations leave companies open to phishing and data exfiltration attacks.Read More HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-51213","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"\nMillions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Millions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-28T20:24:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse\",\"datePublished\":\"2023-03-28T20:24:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/\"},\"wordCount\":856,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt55720587b636a327\\\/64233e52bd7d523bd20ab0a8\\\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/\",\"name\":\"Millions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt55720587b636a327\\\/64233e52bd7d523bd20ab0a8\\\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale\",\"datePublished\":\"2023-03-28T20:24:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt55720587b636a327\\\/64233e52bd7d523bd20ab0a8\\\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/blt55720587b636a327\\\/64233e52bd7d523bd20ab0a8\\\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Millions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/","og_locale":"en_US","og_type":"article","og_title":"Millions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-03-28T20:24:00+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse","datePublished":"2023-03-28T20:24:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/"},"wordCount":856,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/","url":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/","name":"Millions of Pen Tests Show Companies' Security Postures Are Getting Worse 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale","datePublished":"2023-03-28T20:24:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/blt55720587b636a327\/64233e52bd7d523bd20ab0a8\/Cymulate-Risk-Scores.png?width=690&quality=80&format=webply&disable=upscale"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/millions-of-pen-tests-show-companies-security-postures-are-getting-worse\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Millions of Pen Tests Show Companies’ Security Postures Are Getting Worse"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=51213"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/51213\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=51213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=51213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=51213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}