Most companies set ambitious service-level agreements (SLA) requiring vulnerabilities to be fixed within 14 days.

April 14, 2025

Most companies set ambitious service-level agreements (SLA) requiring vulnerabilities to be fixed within 14 days. — This cybersecurity statistic was published by Cobalt in April 2025. It covers topics including Vulnerabilities, SLAs. The original data appears in State of Pentesting Report 2025. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 4/14/2025

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Most companies set ambitious service-level agreements (SLA) requiring vulnerabilities to be fixed within 14 days. This data was published by Cobalt and covers Vulnerabilities, SLAs.

Where does this data come from?

This statistic comes from State of Pentesting Report 2025, published by Cobalt on April 14, 2025. You can view the original report at https://resource.cobalt.io/state-of-pentesting-2025.

What cybersecurity topics does this cover?

This statistic relates to Vulnerabilities, SLAs. Browse more statistics on Vulnerabilities or from Cobalt.

CYBERSTATS

Most companies set ambitious service-level agreements (SLA) requiring vulnerabilities to be fixed within 14 days.

Source

Share or Copy this stat

Frequently Asked Questions

Want More Statistics Like This?

Related Statistics

99% of API vulnerabilities are remotely exploitable.

In 2025, 17% of 67,058 published vulnerabilities (11,053 vulnerabilities) were API-related.

25% of ICS-CERT and NVD vulnerabilities have incorrect CVSS scores.

11% of detected vulnerabilities have a known exploit.

The most widely detected vulnerability is CVE-2013-2566, which dates to 2013.

In 2025, 14% of published AI vulnerabilities were MCP-related (315 MCP-related vulnerabilities).

Browse by Topic

Stay Ahead of Cyber Threats