NetSPI Reveals Urgency for Enhanced Vulnerability Prioritization

By Stefania Viscusi

NetSPI, a provider of offensive security solutions, released its 2023 Offensive Security Vision Report highlighting vulnerability trends in applications, cloud, and networks.

It analyzed over 300,000 anonymized findings from numerous pentest engagements and identified prevalent vulnerabilities across industries like healthcare, retail, finance, and manufacturing.

The findings are meant to help security and business leaders to prioritize discovery, management, and remediation efforts. 

"This report makes it abundantly clear that there's still a lot to be done to support and enable the industry to improve vulnerability management," said Cody Chamberlain, Head of Product at NetSPI. "We hope the observations and actionable recommendations throughout our inaugural Offensive Security Vision Report are a great data-driven starting point for security teams to harden their security."

The report revealed that the government and nonprofit industry had the most critical and high severity vulnerabilities, while the insurance industry had the least. It also found that internal networks have three times the number of exploitable vulnerabilities compared to external networks and that web applications had a higher occurrence of high and critical vulnerabilities compared to mobile and thick applications.

Standing in the way of combating these issues once and for all are 2 barriers the report uncovered: lack of resources (70%) and prioritization (60%).

"One narrative made evident from our Offensive Security Vision Report is that vulnerability prioritization is critical," said Vinay Anand, Chief Product Officer at NetSPI. "The reality is that we cannot fix every vulnerability discovered, but if prioritization and support continue to lack, the security industry will fall short. This realization, coupled with the industry experiencing rising burnout rates among developer teams, should evoke a sense of urgency. Our findings can help leaders grasp the severity of the situation to prioritize vulnerability management."




Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Why AI Spend Management Could Become the Next MSP Service Opportunity

By: Erik Linask    7/14/2026

As AI costs rise, businesses need visibility into token usage and budget risk, which creates a potential new AI cost-governance revenue opportunity fo…

Read More

The Next SOC Shift Is Here: Autonomous Identity Response for MSPs

By: Erik Linask    7/8/2026

Blackpoint Cyber's new AI SOC Agent for Identity Threat Detection and Response gives MSPs an autonomous, human-guided way to contain high-confidence c…

Read More

Identity Is the New Perimeter and MSPs Are on the Front Line

By: Erik Linask    7/8/2026

Barracuda's acquisition of Evo Security expands BarracudaONE with MSP-focused IAM and PAM capabilities, highlighting how identity resilience is becomi…

Read More

MSPs: The Network Is No Longer Someone Else's Problem

By: Erik Linask    6/30/2026

Reinvent's new MyCloud SecureLink offering gives MSPs and resellers a partner-ready way to deliver managed SD-WAN, network security, and resilient con…

Read More

Why the Fastest-Growing MSPs Are Saying "No" More Often

By: Special Guest    6/30/2026

The fastest-growing MSPs in the U.S. are boosting margins, reducing cyber risk, and scaling more sustainably by adopting stricter customer qualificati…

Read More