Pentest Satisfaction Plummets as Security Teams Struggle to Secure AI
Event summary
- A Cobalt survey of 150 security leaders reveals only 36% are satisfied with their current penetration testing vendor.
- 76% of respondents prioritize staying ahead of threats and vulnerabilities, while 50% are focused on securing AI adoption.
- 40% are motivated to switch vendors for higher quality testing, and 37% for AI-specific expertise.
- 35% say faster scheduling (days vs. weeks) would motivate a vendor change.
The big picture
The Cobalt report highlights a growing crisis in cybersecurity, where traditional pentesting models are failing to keep pace with the rapid adoption of AI and the increasing complexity of modern systems. This disconnect is creating a significant operational burden for security teams, forcing them to re-evaluate their vendor relationships and testing methodologies. The findings underscore the need for a more agile and specialized approach to offensive security, particularly as AI-generated code introduces new and evolving vulnerabilities.
What we're watching
- Vendor Dynamics
- The high churn rate among pentesting vendors suggests a broader realignment of security service providers as organizations seek more specialized and responsive capabilities.
- AI Integration
- The gap between AI security concerns and actual assessment frequency indicates a significant operational challenge that will likely drive increased investment in specialized tooling and expertise.
- Testing Cadence
- The demand for faster, more integrated testing models signals a shift away from traditional, periodic pentests toward continuous security validation embedded within the development lifecycle.
Related topics