VendorsCobalt
Cobalt
Cybersecurity reports and statistics published by Cobalt
8 categories7 reports
Research Reports
Reports and publications from Cobalt
State of Pentesting Report 2026
4/21/2026
Pentester Profile Report
3/5/2026
State of Pentesting in Financial Services 2025
9/30/2025
State of Pentesting in Healthcare 2025
9/3/2025
CISO Perspectives Report: AI and Digital Supply Chain Risks
7/31/2025
The State of LLM Security Report
6/24/2025
State of Pentesting Report 2025
4/14/2025
Recent Statistics & Reports
LLMs have the lowest resolution rate of all application types, with just 38% of high-risk issues being fixed.
5/27/2026•
LLM TestingVulnerability Remediation
The typical organization ultimately resolves 86% of its high-risk findings, but only 52% of high-risk findings are remediated within a five-year time frame.
5/27/2026•
Vulnerability RemediationLong-Term Remediation
Top-performing organizations have a high-risk finding half-life of 10 days, while bottom-tier organizations have a 249-day half-life—an eight-month gap in exposure.
5/27/2026•
Vulnerability RemediationRisk ExposureOperational Performance
97% of security professionals state they are adding AI capabilities to their software and services.
5/27/2026•
AI AdoptionSoftware Development
61% of security professionals want a "strategic pause" to calibrate defenses against AI-driven threats, up from 48% last year.
5/27/2026•
AI SecurityAI-Driven ThreatsSecurity Strategy
32% of AI/LLM findings are rated as high risk, nearly 2.7x the overall high-risk rate of 12%.
5/27/2026•
AI TestingLLM TestingVulnerabilities
33% of organizations reported significant security budget growth in the past year, while 50% saw incremental increases.
5/27/2026•
Security BudgetsFundingRisk Management
One in five organizations experienced an LLM security incident in the last year, while a further 18% are unsure and 19% preferred not to answer.
5/27/2026•
Security IncidentsLLM Security IncidentOrganizational Risk
57% of C-suite executives believe their organization consistently meets remediation SLAs, yet only 15% of security practitioners agree.
5/27/2026•
GovernanceSLAsSecurity Operations
Security teams' confidence in their ability to keep up with the security implications of AI adoption declined from 64% to 51%.
5/27/2026•
Security ConfidenceAI SecurityAI Adoption
15% of professional pentesters rank public bug bounties as the most effective model for uncovering complex vulnerabilities.
5/27/2026•
Bug BountyVulnerability DiscoveryPenetration Testing
51% of professional pentesters cite the pressure to be the first to submit a finding as their primary frustration with bug bounty programs.
5/27/2026•
Bug BountyOffensive SecurityPenetration Testing
30% of all bug bounty submissions are invalid or low-value "noise."
5/27/2026•
Bug BountySecurity OperationsVulnerability Triage
98% of professional pen testers prefer the PTaaS model over bug bounties.
5/27/2026•
PTaaSBug BountyPenetration Testing
54% of professional pentesters report having discovered a Zero-Day or N-Day vulnerability that had no existing public patch or advisory.
5/27/2026•
Zero-DayVulnerability DiscoveryOffensive Security
1% of professional pentesters believe AI-only scanning is effective for uncovering high-impact, exploitable vulnerabilities.
5/27/2026•
AI SecurityVulnerability DiscoveryOffensive Security
58% of professional pentesters rank PTaaS as the most effective model for uncovering complex vulnerabilities.
5/27/2026•
Penetration TestingPTaaSVulnerability Discovery
The Median Time to Remediation (MTTR) for serious findings is 61 days in the financial services industry. This ranks financial services 11th of 13 industries measured.
9/30/2025•
Financial servicesPen testMTTR
Server security misconfigurations: 34.9% in the financial services industry (versus 27.9% average in other industries).
9/30/2025•
Financial servicesPen testVulnerabilities
Sensitive data exposure: 10.5% in the financial services industry (versus 8.0% average in other industries).
9/30/2025•
Financial servicesPen testVulnerabilities
Showing 1-20 of 95 results