MINNEAPOLIS —March 23, 2022— Core Security by Fortra today announced the results of its third annual pen testing survey. The 2022 Penetration Testing Report identifies industry trends, top security concerns and provides a close look at how cybersecurity professionals are using pen testing in the field.

•    Three quarters of respondents agree that pen testing is important to their security posture
•    More organizations are using pen testing to verify compliance
•    Phishing, ransomware, and misconfigurations are the most common security concerns
•    Support for pen testing has increased and demand for third-party services remains high

Pen testing enables organizations to proactively detect vulnerabilities and close any gaps in security and its value as a vital cybersecurity tool was acknowledged by professionals in the survey, with 76 percent stating that pen testing was important to their organization’s security posture.

Three quarters of respondents use pen testing to measure their security posture, while the same number use pen testing for compliance or other external mandates. The latter shows an increase since last year, suggesting that a growing number of organizations need to comply with industry regulations and use pen testing to demonstrate that mandated security measures are working.

Respondents reported phishing, ransomware, and misconfigurations as their top three security concerns. With ransomware commonly entering organizations through phishing emails, phishing capabilities in pen testing tools were 13 percent more sought after than last year. This year a larger percentage of organizations conducted ongoing phishing simulations to help mitigate this pervasive threat.

This year’s survey shows stronger organizational support for the sponsorship and funding of pen testing programs, hiring of skilled professionals, and getting others to act on the findings. Third-party pen testing teams remain a popular resource, with 83 percent of respondents leveraging third parties in some capacity. Seeking an external viewpoint and applying fresh expertise to the environment were two main reasons cited for organizations employing these teams.

“These findings support the vital role that pen testing plays in an organization’s security strategy and give every sign that it will remain a crucial practice for years to come,” said Mark Bell, Managing Director, Infrastructure Protection at Fortra. “Threats such as phishing, ransomware, and inattention to specific environments are concerning, and putting your organization to the test on a regular basis is the best way to ensure you’re continuously reducing your cyber risk exposure.”

Download the full report here.

About Fortra 
Fortra is a software company focused on helping exceptional organizations secure and automate their operations. Our cybersecurity and automation software protects information and simplifies  IT processes to give our customers peace of mind. We know security and IT transformation is a journey, not a destination. Let’s move forward. Learn more at www.fortra.com

Media Contacts 

North America:
Angela Tuzzo
[email protected]

EMEA:
Lottie Hutchins
[email protected]

RECENT NEWS
Fortra Acquires Outflank
September 1, 2022
Outflank’s trusted experts run sophisticated attack scenarios supported by a unique SaaS offering that help global businesses pinpoint and address dangerous IT vulnerabilities. ​ MINNEAPOLIS
Fortra Acquires Terranova Security
April 12, 2022
Terranova Security helps users spot email phishing attempts and other cyberattacks through education and simulation available in 40+ languages MINNEAPOLIS —April 8, 2022—Fortra announced today
VRT Zero-day Security Advisory
April 1, 2022
Fortra Infrastructure Protection brands, Digital Defense and Beyond Security are actively monitoring the disclosure of a security issue affecting a widely used Java Framework called
Fortra Receives Prestigious 5-Star Rating in CRN® 2022 Partner Program Guide
March 31, 2022
Company’s Global Partner Program Provides Comprehensive Lineup of Benefits for Channel Partners  MINNEAPOLIS – March 31, 2022 – Fortra, a cybersecurity and automation software provider,
Pen Testing Remains Vital Tool for Reducing Cyber Risk Exposure According to Core Security Survey
March 24, 2022
MINNEAPOLIS —March 23, 2022— Core Security by Fortra today announced the results of its third annual pen testing survey. The 2022 Penetration Testing Report identifies industry trends, top
Fortra to Acquire Alert Logic
March 9, 2022
Managed detection and response (MDR) forms new cornerstone of Fortra’ cybersecurity portfolio MINNEAPOLIS March 9, 2022—Fortra announced today it has signed a merger agreement to
CEO Kate Bolseth Named in Second Round of MSPBJ 2021 Women in Business Award
July 28, 2021
The Minneapolis/St. Paul Business Journal is announcing the second round of its 2021 Women in Business honorees, including executives from large corporations and entrepreneurs who
Beyond Security and Cybellum Form Partnership to Address Automotive Software Security Challenges
July 20, 2021
This article was originally published on EIN Presswire on July 19, 2021. SACRAMENTO, CALIFORNIA, UNITED STATES, July 19, 2021 /EINPresswire.com/ — Beyond Security, by Fortra, a leading provider
Fortra Acquires Beyond Security to Continue Expansion of Cybersecurity Portfolio
May 11, 2021
This article was originally published on Cision PR Newswire on May 11, 2021. MINNEAPOLIS, May 11, 2021 /PRNewswire/ — Fortra announced today the acquisition of Beyond Security, a global leader in
Beyond Security Reinvents its Premier Vulnerability Assessment Solution With beSECURE XDR
March 17, 2021
This article was originally published on EIN Presswire on March 17, 2021. SACRAMENTO, CALIFORNIA, UNITED STATES, March 17, 2021 / EINPresswire.com/ — Beyond Security, a leading provider