Cobalt today announced the release of its State of LLM Security Report 2025. This new research reveals a widening readiness gap in enterprise security as the rapid adoption of generative AI (genAI) outpaces defenders’ ability to secure it. A staggering 36% of security leaders and practitioners admit that genAI is moving faster than their teams can manage, a sobering reality as organizations continue to embed AI deep into core business operations.
Despite growing concern, many are calling for a timeout: 48% of respondents believe a “strategic pause” is needed to recalibrate defenses against genAI-driven threats. But that pause isn’t coming.
Key findings from the report include:
- 72% of respondents cite genAI-related attacks as their top IT risk, but 33% are still not conducting regular security assessments, including penetration testing, for their LLM deployments.
- 50% of respondents want more transparency from software suppliers about how they detect and prevent vulnerabilities, signaling a growing trust gap in the AI supply chain.
- Security leaders (C-suite and VP level) are more concerned about long-term genAI threats like adversarial attacks (76%) versus the 68% of practitioners which expressed the same concern. However when it came to near-term operational risks such as inaccurate outputs, 45% of practitioners expressed concern versus 36% of security leaders.
- Top concerns among all survey respondents include sensitive information disclosure (46%), model poisoning or theft (42%), and training data leakage (37%), all pointing to an urgent need to protect the integrity of data pipelines.
- Overall, 69% of serious findings across all pentest categories are resolved but this falls to just 21% of the high-severity vulnerabilities found in LLM pentests. This is a concern given that 32% of LLM pentest findings are serious and is the lowest resolution rate across all test types conducted by Cobalt.
Methodology
The report analyzes two different datasets. The majority of analysis is based on data collected during Cobalt pentests. This is supplemented by insights collected via a survey by a third-party research firm, Emerald Research. All penetration testing data analyzed in this report was collected through Cobalt pentests. This spans more than 2,700 organizations. Metadata from these pentests was exported from the Cobalt Offensive Security Platform, sanitized to remove client-identifying and other sensitive details, and provided to Cyentia Institute for independent analysis.
Additional Resources:
Like this:
Like Loading...
Related
This entry was posted on June 24, 2025 at 9:15 am and is filed under Commentary with tags Cobalt. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Cobalt Research Reveals Critical Readiness Gap as Security Teams Fall Behind GenAI Risks
Cobalt today announced the release of its State of LLM Security Report 2025. This new research reveals a widening readiness gap in enterprise security as the rapid adoption of generative AI (genAI) outpaces defenders’ ability to secure it. A staggering 36% of security leaders and practitioners admit that genAI is moving faster than their teams can manage, a sobering reality as organizations continue to embed AI deep into core business operations.
Despite growing concern, many are calling for a timeout: 48% of respondents believe a “strategic pause” is needed to recalibrate defenses against genAI-driven threats. But that pause isn’t coming.
Key findings from the report include:
Methodology
The report analyzes two different datasets. The majority of analysis is based on data collected during Cobalt pentests. This is supplemented by insights collected via a survey by a third-party research firm, Emerald Research. All penetration testing data analyzed in this report was collected through Cobalt pentests. This spans more than 2,700 organizations. Metadata from these pentests was exported from the Cobalt Offensive Security Platform, sanitized to remove client-identifying and other sensitive details, and provided to Cyentia Institute for independent analysis.
Additional Resources:
Share this:
Like this:
Related
This entry was posted on June 24, 2025 at 9:15 am and is filed under Commentary with tags Cobalt. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.