Security teams are still struggling to effectively remove and prevent issues that are well known in the industry. The State of Pentesting report by Cobalt found that security teams have been dealing with the same top 5 vulnerabilities for 4 years in a row.

Organizations are slow to respond to cyber threats, aren’t protecting their full portfolios, struggle to find cyber talent, and don’t have alignment within security and development teams.

25% of respondents said their company takes up to 60 days — or longer — to address low-to medium-risk vulnerabilities, and a small but nonetheless notable segment (1%) of companies don’t bother to remediate them at all. 67% percent of respondents believe their companies’ sluggish response to these vulnerabilities creates risk for their businesses.

Read more here.