The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!


Security teams are still struggling to effectively remove and prevent issues that are well known in the industry. The State of Pentesting report by Cobalt found that security teams have been dealing with the same top 5 vulnerabilities for 4 years in a row.

Organizations are slow to respond to cyber threats, aren’t protecting their full portfolios, struggle to find cyber talent, and don’t have alignment within security and development teams.

25% of respondents said their company takes up to 60 days — or longer — to address low-to medium-risk vulnerabilities, and a small but nonetheless notable segment (1%) of companies don’t bother to remediate them at all. 67% percent of respondents believe their companies’ sluggish response to these vulnerabilities creates risk for their businesses.

Organizations aren’t protecting their full portfolios, leaving gaps in their security posture. On average, respondents pentest — a penetration testing security assessment — only 63% of their entire application portfolios. Teams struggle to detect everything that slips past internal checks because they can’t pentest their entire application portfolio; 42% say their company doesn’t have the budget to cover it.

86% of respondents agreed that it is difficult to find or hire people with the right skillsets for pentesting. This is a symptom of a larger problem: the established pentesting procurement process makes security control less accessible.

Subpar developer-security team alignment is putting organizations at risk. Only 3 in 10 were able to report that their company’s security and engineering teams were “intertwined.” Security and engineering teams have work to do to effectively collaborate, which means lower-risk vulnerabilities stay exposed for longer.

The State of Pentesting report reveals the biggest hazards impacting the cybersecurity community today. Cobalt gathered data from over 1,500 pentests performed in 2020 to learn about the vulnerabilities discovered by companies and then interviewed 600+ security practitioners to learn about cybersecurity gaps across different industries and company sizes.

Read the full report by Cobalt.

VentureBeat

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member