Vendorsmondoo
mondoo
Cybersecurity reports and statistics published by mondoo
1 categories1 reports
Recent Statistics & Reports
35% of respondent organizations are not currently using their CI/CD pipelines for remediation but want to in 2025.
10/21/2025•
Vulnerability Remediation
22% of respondent organizations are using their CI/CD pipelines to deliver fixes and remediations.
10/21/2025•
Vulnerability Remediation
60% of respondents reported that fewer than 5% of vulnerabilities and misconfigurations recurred within a month of remediation in 2025.
10/21/2025•
Vulnerability Remediation
35% of respondents cited rollbacks of patches as a cause of vulnerability recurrence.
10/21/2025•
Vulnerability Remediation
91% of respondents agreed or strongly agreed that their organization is improving in its ability to remediate vulnerabilities in 2025, according to a survey of respondents.
10/21/2025•
Vulnerability Remediation
4% of organizations took more than 15 days to remediate critical vulnerabilities in 2025.
10/21/2025•
Vulnerability Remediation
1% of respondents reported being 'not at all confident' in their organization's ability to remediate known vulnerabilities in a timely manner.
10/21/2025•
Vulnerability Remediation
Companies that experience tool sprawl report 51% lower remediation confidence compared to those who did not experience tool sprawl in 2025.
10/21/2025•
Vulnerability Remediation
Tool sprawl reduces confidence in remediation by 51% in 2025.
10/21/2025•
Vulnerability Remediation
28% of organizations report that IT operations is primarily responsible for remediating vulnerabilities and misconfigurations reported by security.
10/21/2025•
Vulnerability Remediation
42% of IT and security professionals reported working in both IT operations and security in 2025, according to a survey of 125 respondents
10/21/2025•
Vulnerability Remediation
26% of respondents stated that the recurrence of vulnerabilities and misconfigurations was between 6% and 10% within a month of remediation in 2025.
10/21/2025•
Vulnerability Remediation
52% report on their remediation efforts ‘quarterly’, ‘rarely’, or ‘never’ in 2025, while only 18% run weekly reports.
10/21/2025•
Vulnerability Remediation
44% of security and IT operators indicated that auto-creating tickets with all relevant information would improve remediation in 2025.
10/21/2025•
Vulnerability Remediation
18% of organizations surveyed reported tracking and reporting their remediation efforts on a weekly basis while 30% reported doing so monthly.
10/21/2025•
Vulnerability Remediation
39% of respondents reported not using a vulnerability remediation tracking tool in 2025, relying instead on manual tracking using spreadsheets.
10/21/2025•
Vulnerability Remediation
48% of respondents reported being 'fairly confident' in their organization's ability to remediate known vulnerabilities in a timely manner.
10/21/2025•
Vulnerability Remediation
18% of respondents identified lack of scanning in CI/CD as a main reason for the recurrence of vulnerabilities in 2025.
10/21/2025•
Vulnerability Remediation
71% of organizations reported that they remediate critical vulnerabilities within 24–72 hours in 2025.
10/21/2025•
Vulnerability Remediation
33% of organizations reported remediating critical vulnerabilities within one to three days in 2025, compared to 32% for high-importance vulnerabilities.
10/21/2025•
Vulnerability Remediation
Showing first 20 results