Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

Security teams are still struggling to effectively remove and prevent issues that are well known in the industry. The State of Pentesting report by Cobalt found that security teams have been dealing with the same top 5 vulnerabilities for 4 years in a row.

Organizations are slow to respond to cyber threats, aren’t protecting their full portfolios, struggle to find cyber talent, and don’t have alignment within security and development teams.

25% of respondents said their company takes up to 60 days — or longer — to address low-to medium-risk vulnerabilities, and a small but nonetheless notable segment (1%) of companies don’t bother to remediate them at all. 67% percent of respondents believe their companies’ sluggish response to these vulnerabilities creates risk for their businesses.


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

Organizations aren’t protecting their full portfolios, leaving gaps in their security posture. On average, respondents pentest — a penetration testing security assessment — only 63% of their entire application portfolios. Teams struggle to detect everything that slips past internal checks because they can’t pentest their entire application portfolio; 42% say their company doesn’t have the budget to cover it.

86% of respondents agreed that it is difficult to find or hire people with the right skillsets for pentesting. This is a symptom of a larger problem: the established pentesting procurement process makes security control less accessible.

Subpar developer-security team alignment is putting organizations at risk. Only 3 in 10 were able to report that their company’s security and engineering teams were “intertwined.” Security and engineering teams have work to do to effectively collaborate, which means lower-risk vulnerabilities stay exposed for longer.

The State of Pentesting report reveals the biggest hazards impacting the cybersecurity community today. Cobalt gathered data from over 1,500 pentests performed in 2020 to learn about the vulnerabilities discovered by companies and then interviewed 600+ security practitioners to learn about cybersecurity gaps across different industries and company sizes.

Read the full report by Cobalt.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.