ESG Research Reveals Attack Surface Is Outgrowing Traditional Pentesting Capabilities

PR Newswire ·  06/10 08:00

Survey highlights the need for many organizations to rethink point-in-time pentesting and shift to a platform-based, continuous approach.

REDWOOD CITY, Calif., June 10, 2024 /PRNewswire/ -- Synack, the premier security testing platform, today announced the results of a survey led by TechTarget's Enterprise Strategy Group (ESG) that shows challenges in scaling penetration testing to meet the needs of large enterprises.

The report commissioned by Synack leverages insights from 200 technical decision-makers at U.S. organizations with at least 1,000 employees. Half of the survey respondents reported it was more difficult to manage their attack surface today than it was a year ago, whether because of third-party risk, data complexity or increasing attacker sophistication.

Other highlights of the report include:

  • 58% of enterprises said detecting vulnerabilities is getting more difficult as their attack surface increases in complexity, size and rate of change
  • Organizations reported pentesting currently covers only 47% of business-critical apps
  • 60% of respondents reported finding it difficult to test frequently enough to keep up with the pace of application development, with three in four saying it's likely they will consider platform-based testing solutions like Penetration Testing as a Service (PTaaS)

"Point-in-time pentests have been a staple of security programs for so long, it can be hard to move to a continuous approach," said Dr. Mark Kuhr, Synack CTO and co-founder. "This survey shows security teams are aware of PTaaS's potential to accelerate business transformation and keep pace with modern software development, even though few have made the leap."

Only 32% of respondents said they use pentesting to improve overall security strategies and posture. Most either reported using pentesting for compliance or to achieve tactical objectives like finding and fixing vulnerabilities.

To read more about Synack's approach to PTaaS, click here. For more data points from the ESG survey, click here.

ABOUT SYNACK:
Synack's premier security testing platform harnesses a talented, vetted community of security researchers and smart technology to deliver continuous penetration testing and vulnerability management, with actionable results. We are committed to making the world more secure by closing the cybersecurity skills gap, giving organizations on-demand access to the most trusted security researchers in the world. Headquartered in Silicon Valley with regional teams around the world, Synack protects a growing list of Global 2000 customers and U.S. agencies in a FedRAMP Moderate Authorized environment. Synack's comprehensive approach to Pentesting as a Service (PTaaS) uncovered more than 14,000 exploitable vulnerabilities in 2023 alone. For more information, please visit .

SOURCE Synack
