12 Jan
min read

Security Testing Has Changed

This research paper has been prepared by Cytix to explore how a modernized approach to Security Testing can achieve the goals and objectives of businesses in 2023.

Thomas Ballin


  • Security testing is approximately 60 years old
  • Approximately 48% of businesses are making daily changes to assets that may impact security
  • Businesses are shifting left to cater for "Insecure Design" vulnerabilities
  • Shifting left often fails to consider key information, including context and defence-in-depth
  • Mass adoption of cloud, low-code/no-code, and SaaS estate introduce new security challenges
  • Organisations use an average of 57 security tools
  • Over 1/3 of businesses expect non-security roles to commission security testing
  • Baseline, Iterative, Continuous, Automated, and Crowd-sourced (bug bounties/ vulnerability disclosure programmes) approaches are necessary to cater for modern demands
  • Mean-Time-to-Detection (MTTD) and Mean-Time-to-Response (MTTR) are leading KPIs for security testing
  • "Greater Collaboration" identified as key factor in increased ROI from security testing
  • Weighted principles, Attack path mapping, and Continuous Threat Exposure Management (CTEM) are all emerging technologies
  • There is a gap in the market for a single-pain-of-glass to consolidate vulnerability management
bug report

Get a Free Trial  From Cytix

Haven’t tried Cytix yet? Try our free trial to see how it works.

Get a Free Trial

Start Detecting Vulnerabilities Others Miss Today

  • Detect Vulnerabilities Faster
  • Patch Vulnerabilities Faster
  • Be more compliant
Learn More

Detect, Resolve &
Patch Faster With Cytix

Get a free test today and see how it works.
CTA Image
cta rectangle image
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.