The State of Pentesting 2023

The most prevalent vulnerabilities, how macroeconomic trends impact security teams, and where you might be leaving money on the table with your pentests.

State-of-Pentesting-Report-Menu-Image

Looking for the latest
State of Pentesting Report?

Explore other State of Pentesting Report insights. Access the latest State of Pentesting Report for 2025, or explore trends and data from our previous editions in 2024, 2023, and 2022. Find the year that best suits your research needs.
SOPR25-Landing Page Cover Image-1192x700

Top Security Risks Exposed in 3,100+ Pentests

Disruption, transformation, volatility — whichever keyword fits your style, it all points to one fact: change is the constant for security teams.

How do security teams plan to protect assets with fewer resources and more responsibilities?

Cobalt's 5th edition of The State of Pentesting explores this question, tapping into data from 3,100 pentests and over 1,000 responses from security practitioners in the United States, the United Kingdom, and Germany. 

Here's What You'll Learn:

  • Top vulnerabilities, security challenges, and pentesting trends
  • How layoffs and budget cuts impact organizations' security postures
  • What security teams plan to outsource and/or deprioritize to better manage growing workloads
  • How to prepare your team and environment for a productive and in-depth pentest

Top Findings for 2022

The latest