State of Pentesting survey report

Pentesting accounts for 11% of the total IT security budgets of U.S. enterprises.

67% of enterprises reported a breach in the past 24 months.

U.S. enterprises allocate an average of $187,000 annually to pentesting.

50% of CISOs identify software-based testing as a primary method for uncovering exploitable security gaps within their organizations.

28% of CISOs experienced financial loss following a breach.

36% of CISOs reported unplanned downtime following a breach.

30% of CISOs cited data exposure following a breach.

59% of enterprises have adopted at least one new security solution at the request of their cyber insurance provider.

96% of organizations are making changes to their IT environment at least quarterly

The average total IT security budget for U.S. enterprises is $1.77 million.

76% of CISOs reported a significant impact following a breach.