VendorsCobalt
Cobalt
Cybersecurity reports and statistics published by Cobalt
8 categories5 reports
Research Reports
Reports and publications from Cobalt
Recent Statistics & Reports
Just 13.3% of healthcare pentest findings qualify as “serious”. This ranks healthcare 6th-best out of 13 industries.
9/3/2025•
HealthcarePen testVulnerabilities
43% of healthcare organizations resolve critical findings in business-critical assets in one to three days.
9/3/2025•
HealthcarePen testVulnerabilities
Healthcare’s half-life for serious pen test findings was 244 days. This ranks healthcare 11th of 13 industries. Transportation had a half-life of 43 days.
9/3/2025•
HealthcarePen testVulnerabilities
Healthcare’s median time to resolve serious pen test findings was 58 days. This ranks healthcare 10th of 13 industries. Hospitality led with 20 days.
9/3/2025•
HealthcarePen testVulnerabilities
Nearly 40% of healthcare SLAs require serious findings in business-critical assets to be fixed within three days. Another 40% require resolution within four to 14 days.
9/3/2025•
HealthcarePen testSLA
37% of healthcare organizations resolve critical findings in business-critical assets within four to seven days.
9/3/2025•
HealthcarePen testVulnerabilities
68% of healthcare leaders cited third-party software as the top risk.
9/3/2025•
HealthcareThird-party risk
Healthcare resolved only 57.4% of serious pen test findings. This ranks healthcare 11th of 13 industries. By comparison, transportation led with 80.2%.
9/3/2025•
HealthcarePen testVulnerabilities
71% of healthcare leaders cited GenAI as the top risk.
9/3/2025•
HealthcareGenAI
71% of healthcare leaders cited GenAI as the top risk.
9/3/2025•
HealthcareGenAI
53% of respondents supplement their efforts with internal testing
7/31/2025•
TestingInternal testing
68% of security leaders state that their boards now view the secure deployment of generative AI as a critical priority.
7/31/2025•
Gen AI
55% of security leaders are constantly worried that a single employee mistake could put their entire organisation at risk.
7/31/2025•
Human error
More than half (58%) of respondents require third-party penetration test reports to validate software security.
7/31/2025•
TestingPen testingSoftware security
68% of CISOs consider supply chain risk and generative AI security to be top concerns, viewing them as intertwined challenges that are redefining the attack surface.
7/31/2025•
Supply chain riskGen AICybersecurity risk
60% of security leaders believe that attackers are evolving too quickly to maintain a truly resilient security posture.
7/31/2025•
Security postureAttacker capabilities
55% of respondents conduct independent code reviews.
7/31/2025•
Code review
46% of security leaders are uneasy about AI-driven features and large language models.
7/31/2025•
AI
68% of security leaders are concerned about the risks associated with third-party software tools and components integrated into their tech stacks.
7/31/2025•
Supply chain riskThird-party softwareThird-party software tools
Nearly nine in 10 security leaders (88%) view penetration testing as an essential component of their overall security programme.
7/31/2025•
TestingPen testing
Showing 21-40 of 78 results