Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.


According to a recent survey by Cobalt, 74% of IT security professionals believe their organizations would test their systems more frequently if the traditional penetration testing (or “pentesting”) process was more efficient or required less management. Cybersecurity vulnerabilities are going undetected because pentesting hasn’t made its way to the 21st century — and this is a big problem.

Although software development professionals almost universally view pentesting as a critical component of application and network security programs, few organizations can actually perform as much pentesting as they want (or need) due to limited budgets and inefficiencies in the traditional pentesting process.

The most common approach to pentesting today is engaging a consulting firm with an IT practice to provide a pentesting team for a specific test project. While these engagements provide valuable input, network security teams find them to be expensive and slow, particularly in today’s on-demand, software-as-a-service (SaaS) -driven world.

Graphic. Based on a 2021 survey of 600 IT security professionals in the US, many agree that pentesting is a priority. 97% believe that pentesting saves their company money in the long run by preventing security breaches. 88% say that pentesting helps their organization improve security processes, and they should allocate more budget.

Event

Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

Cobalt’s research found that 79% of IT security professionals agree their departments lost valuable time due to inefficiencies involved in the traditional pentesting format. Meanwhile, 71% agreed that the cost of pentesting limits their organization’s ability to test more frequently.

Enter pentest-as-as-service (PtaaS), which has emerged as a modern approach to cybersecurity threat detection and remediation. According to Cobalt’s data, PtaaS reduces the hours of work required to plan, manage, and support pentesting projects by nearly 25%, freeing up the time of security and development teams to address other critical tasks.

PtaaS can also cut the total cost of a standard pentest project by 56% compared with traditional consulting engagements, enabling organizations to reduce the same amount of risk for half the cost — or get twice the coverage for the same budget.

The “ROI of Modern Pentesting” report reveals how traditional pentest consulting engagements stack up against the PtaaS model in today’s current cyber threat climate. Cobalt surveyed 600 IT security professionals and conducted an in-depth study of six seasoned security leaders from different organizations and industries that have commissioned services from both traditional consultancies and PtaaS providers.

Read the full report by Cobalt.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.