Cobalt today announced findings from new research conducted by Omdia that reveal a significant shift in how organizations approach offensive security. As AI accelerates both attack and defense capabilities, security leaders are moving away from static, point-in-time assessments in favor of continuous, intelligence-driven security validation that combines human expertise with automation.
The survey of 400 cybersecurity professionals found that 94% of organizations see the importance of keeping humans in the loop for offensive security programs, while 60% expect analysts to shift from executing offensive security tasks to supervising autonomous workflows. At the same time, 53% of respondents said traditional offensive security approaches, such as manual penetration testing, provide a static view that is obsolete by the time reports are delivered.
The findings highlight a broader transformation in offensive security. Organizations increasingly recognize that point-in-time testing cannot keep pace with rapidly changing attack surfaces, AI-powered threats, and accelerated software development cycles.
The research also found that 58% of organizations now utilize PTaaS, making it the most widely adopted offensive security model surveyed. Additionally, 88% of respondents expect to increase spending on offensive security technologies over the next 12 months, including 23% planning significant increases.
Among the key findings:
- 94% of organizations explicitly see the importance of keeping humans in the loop for offensive security programs.
- 60% expect analysts to shift from executing offensive security tasks to supervising autonomous workflows.
- 53% say traditional offensive security strategies provide a static view that is obsolete by the time reports are delivered.
- 58% already utilize PTaaS, making it the most widely adopted offensive security model surveyed.
- 88% plan to increase offensive security spending over the next 12 months, consisting of 65% planning moderate increases and 23% planning significant increases.
The findings underscore growing demand for offensive security programs that provide continuous visibility, integrate with existing security and engineering workflows, and help organizations reduce measurable risk rather than simply identify vulnerabilities. Furthermore, respondents emphasized that shifting toward continuous validation turns security into a business accelerator, whereby development teams can bring secure products to market faster.
The research, Next-generation Offensive Security Strategies Give Defenders the AI Advantage, was conducted by Omdia and surveyed 400 IT and cybersecurity professionals across North America responsible for developing and managing offensive security strategies.
The full report is available here.
Source: Omdia Research Survey, Next-generation Offensive Security Strategies Give Defenders the AI Advantage, May 2026.
Related
This entry was posted on June 10, 2026 at 8:26 am and is filed under Commentary with tags Cobalt. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Majority of Security Leaders Say Traditional Pentesting Can’t Keep Pace with Modern Threats, Omdia Research Finds
Cobalt today announced findings from new research conducted by Omdia that reveal a significant shift in how organizations approach offensive security. As AI accelerates both attack and defense capabilities, security leaders are moving away from static, point-in-time assessments in favor of continuous, intelligence-driven security validation that combines human expertise with automation.
The survey of 400 cybersecurity professionals found that 94% of organizations see the importance of keeping humans in the loop for offensive security programs, while 60% expect analysts to shift from executing offensive security tasks to supervising autonomous workflows. At the same time, 53% of respondents said traditional offensive security approaches, such as manual penetration testing, provide a static view that is obsolete by the time reports are delivered.
The findings highlight a broader transformation in offensive security. Organizations increasingly recognize that point-in-time testing cannot keep pace with rapidly changing attack surfaces, AI-powered threats, and accelerated software development cycles.
The research also found that 58% of organizations now utilize PTaaS, making it the most widely adopted offensive security model surveyed. Additionally, 88% of respondents expect to increase spending on offensive security technologies over the next 12 months, including 23% planning significant increases.
Among the key findings:
The findings underscore growing demand for offensive security programs that provide continuous visibility, integrate with existing security and engineering workflows, and help organizations reduce measurable risk rather than simply identify vulnerabilities. Furthermore, respondents emphasized that shifting toward continuous validation turns security into a business accelerator, whereby development teams can bring secure products to market faster.
The research, Next-generation Offensive Security Strategies Give Defenders the AI Advantage, was conducted by Omdia and surveyed 400 IT and cybersecurity professionals across North America responsible for developing and managing offensive security strategies.
The full report is available here.
Source: Omdia Research Survey, Next-generation Offensive Security Strategies Give Defenders the AI Advantage, May 2026.
Share this:
Like this:
Related
This entry was posted on June 10, 2026 at 8:26 am and is filed under Commentary with tags Cobalt. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.