1、THE STATE OF PENTESTING 2025S URVEY R EPO RTUSA EDITIONTable of contentsIntroductionMethodologyKey findingsSurvey report findingsIncreasing complexity of cyber infrastructure Large stacks are growing largerCybersecurity insurance providers are driving tool adoptionLarger security stacks,fewer breach

2、es yet no guarantees No surface is safe:Threats are spread across the entire attack surfaceMore tools,more alerts:Prioritization is more critical than everConfidence in government cyber support is lowChange outpacing the rate of security validationThe rise of software-based pentestingPentesting:From

3、 compliance obligation to strategic valuePentester availability and budget consciousness rise to the topThe shift toward automated adversarial testingPentest findings are being operationalizedAlignment of risk perception,breaches,and testing focusWhat are enterprises spending on their security?Secur

4、ity budgets are growing in 2025A detailed look at the numbers behind this report334789101112131415161718 1920212223Executive summaryTHE STATE OF PENTESTING SURVEY 20252THE STATE OF PENTESTING SURVEY 20253MethodologyPentera commissioned a global survey of 500 CISOs and senior security executives,200

5、of them are from the United StatesThe survey was conducted by Global Surveyz,an independent research firm,in January 2025.Participants were recruited through a global B2B research panel and invited via email to complete the surveyAll respondents held C-level or VP roles in IT and cybersecurity funct

6、ionsRepresenting organizations with 3,000 employees or more across a range of industriesIntroduction5003000+Welcome to the 2025 State of Pentesting Report.Now in its fourth year,this survey brings together insights from 500 CISOs around the world to provide a clear view of how organizations are test