The State of Pentesting 2023

The most prevalent vulnerabilities, how macroeconomic trends impact security teams, and where you might be leaving money on the table with your pentests.


Top Security Risks Exposed in 3,100+ Pentests

Disruption, transformation, volatility — whichever keyword fits your style, it all points to one fact: change is the constant for security teams.

How do security teams plan to protect assets with fewer resources and more responsibilities?

Cobalt's 5th edition of The State of Pentesting explores this question, tapping into data from 3,100 pentests and over 1,000 responses from security practitioners in the United States, the United Kingdom, and Germany. 

Here's What You'll Learn:

  • Top vulnerabilities, security challenges, and pentesting trends
  • How layoffs and budget cuts impact organizations' security postures
  • What security teams plan to outsource and/or deprioritize to better manage growing workloads
  • How to prepare your team and environment for a productive and in-depth pentest

Top Findings for 2022

The latest