Skip to main content
HomeTopicsOffensive Security

Offensive Security

Cybersecurity statistics about offensive security

Showing 1-20 of 34 results

60% of security professionals state they require stronger LLM testing capabilities.

Cobalt6/28/2026
AI SecurityLLM Testing

47% of organizations favor automation for low-risk environments, up 22 percentage points.

Cobalt6/28/2026
Risk ManagementAutomation

38% of LLM vulnerabilities were fixed while 62% remain open.

Cobalt6/28/2026
AI SecurityVulnerability Management

32% of AI-related pentest findings were classified as high risk, compared to 12% of all pentest findings overall.

Cobalt6/28/2026
Pen TestingAI Security

9% of organizations rely entirely on AI automation for testing, down from 29%, while 47% prefer a hybrid testing model.

Cobalt6/28/2026
AI TestingHybrid Testing

77% of organizations conduct regular security assessments and pentests for AI-powered products, an increase of 11 percentage points from last year.

Cobalt6/28/2026
Pen TestingAI Security

78% of organizations experienced fully automated scanning tools missing critical vulnerabilities and returning false negatives.

Cobalt6/28/2026
Vulnerability ManagementFalse Negatives

Support for hybrid testing models increased by 22 percentage points to 47%.

Cobalt6/28/2026
Hybrid Testing

42% of security professionals plan to increase human-led red team operations.

Cobalt6/28/2026
Red TeamingAI Security

79% are concerned about missing vulnerabilities introduced between scheduled tests

Aikido6/28/2026
Vulnerabilities

53% of organizations say point-in-time penetration testing becomes outdated before results can be acted upon.

Cobalt6/15/2026
Penetration TestingContinuous Testing

94% of organizations explicitly see the importance of keeping humans in the loop for offensive security programs.

Cobalt6/15/2026
AI Security

60% of organizations expect analysts to shift from executing offensive security tasks to supervising autonomous workflows.

Cobalt6/15/2026
Automation

58% of organizations utilize pentesting-as-a-service (PTaaS) for continuous testing.

Cobalt6/15/2026
Penetration TestingPTaaS

88% of organizations plan to increase offensive security spending over the next 12 months, with 65% planning moderate increases and 23% planning significant increases.

Cobalt6/15/2026
Security SpendingSecurity Budgets

51% of professional pentesters cite the pressure to be the first to submit a finding as their primary frustration with bug bounty programs.

Cobalt5/27/2026
Bug BountyPenetration Testing

54% of professional pentesters report having discovered a Zero-Day or N-Day vulnerability that had no existing public patch or advisory.

Cobalt5/27/2026
Zero-DayVulnerability Discovery

1% of professional pentesters believe AI-only scanning is effective for uncovering high-impact, exploitable vulnerabilities.

Cobalt5/27/2026
AI SecurityVulnerability Discovery

U.S. enterprises allocate an average of $187,000 annually to pentesting.

Pentera5/7/2025
Pen testingOffensive security

50% of CISOs identify software-based testing as a primary method for uncovering exploitable security gaps within their organizations.

Pentera5/7/2025
Pen testingOffensive security