The 2021 Threat Landscape Retrospective Report is sourced by Tenable in January 2022. Learn more about Tenable, here.



The 2021 edition of the Threat Landscape Retrospective looks at the major vulnerabilities and security incidents that marked 2021, evaluate the impact on cloud and Active Directory environments and explore the tactics used by attackers to breach organisations by holding them to ransom. This report is a valuable resource for security professionals seeking to improve their understanding of the threat landscape in 2021 with a goal to improve their security in 2022.

In 2021, there were 21,957 new CVEs assigned from January to November, a 20% increase over 2020. There were 105 zero-day vulnerabilities disclosed, a 262% increase over the 29 zero-days in 2020. As for data breaches, our count is 1,825 in the 12 months from October 2020 to October 2021. These metrics all represent upticks from 2020’s data.

One element that felt like deja vu was the revelation of a major security event just as the year was coming to a close. In 2020 we were disrupted by the NOBELIUM cyberespionage campaign that targeted organizations through SolarWinds in December, and of course in 2021 it was the exposition of the Log4Shell vulnerability.

Similarly to SolarWinds, it is important not to let Log4Shell draw our attention away from the myriad other vulnerabilities and security events reviewed in the TLR. In fact, the study demonstrates the sheer volume of vulnerabilities facing security organizations and illustrates the challenges of reducing risk.

What’s inside the 2021 Threat Landscape Retrospective


Section one of the report reviews high-level events and trends from the year, zero days and legacy vulnerabilities. This section analyzes the year’s top vulnerabilities and zero-days, including exploring their origin and the systems affected. For example, flaws in Microsoft Exchange and Windows Print Spooler dominated.

Section two is all about what bad actors did this year and how they did it. It reviews the outcome of their efforts, including data breaches, ransomware and attacks against the supply chain.

Section three is a valuable list and overview of every major vulnerability from the year and the vendor it affected. There are over 300 vulnerabilities in this list including context such as the criticality of each, the events that took place and the vendor they affected. In the already busy day security personnel, the TLR helps make sense of a cacophony of vulnerabilities from a year that was unlike any other.

What you’ll learn from 2021 Threat Landscape Retrospective



  • The challenges in securing an evolving perimeter.
  • How ransomware groups are leveraging Active Directory vulnerabilities and misconfigurations in their attacks.
  • Context surrounding the surge in supply chain attacks in the wake of the NOBELIUM SolarWinds incident.

To download the 2021 Threat Landscape Retrospective, click here.

Ready to get started?

Contact us today and we can begin discussing your needs. We can quickly provide you with a sense of our approach, estimated costs and a top-level timeframe.

ISO27001 Certification logo
Dell Platinum Partner Logo
vm ware partner logo
Veeam partner logo
Commvault Logo

Get our Company Brochure

Please enter your details to download our Company Brochure. We will also send a copy to your inbox.