New Synack and Omdia Study Reveals Security Testing Gaps in Businesses

New Insights from Synack and Omdia: The Security Testing Challenge

A recent report titled "The 2026 State of AI with Agents in Penetration Testing" co-authored by Synack and Omdia sheds light on a critical concern in the cybersecurity arena. Despite a striking 95% of organizations recognizing penetration testing as a top priority, only a mere 32% of their attack surfaces are currently being tested. This alarming discrepancy reveals significant weaknesses in today's cybersecurity defenses.

With the rise of cyber threats leveraging artificial intelligence, this study explores how companies can enhance their security measures to keep pace. The report highlights a growing gap between the essential need for comprehensive security testing and the current engagement levels achieved by businesses.

Jay Kaplan, Synack's CEO, emphasizes the urgency to transition from traditional semi-annual penetration tests to continuous automated frameworks integrated with human oversight. The research showcases a paradigm shift towards adopting AI-driven agents that can scale tests more efficiently than human testers alone. This evolution is crucial as companies navigate increasingly complex cloud and AI environments.

Mark Kuhr, CTO of Synack, notes, “AI can boost scale and effectiveness, yet human creativity remains irreplaceable in real-world scenarios”. The collaboration between intelligent systems and skilled human oversight allows companies to develop more sophisticated and responsive security frameworks.

Angela Heindl-Schober, CMO of Synack, pointed out the paradox of heightened awareness among security leaders regarding the importance of penetration testing, juxtaposed with a concerning amount of unexamined territory within their environments. This study underscores the need for organizations to reassess their security strategies and embrace a proactive, offensive security posture to preemptively address vulnerabilities.

The report outlines several key findings:
1. Urgency for Continuous Testing: Businesses are now urged to adopt forward-thinking strategies for ongoing security assessments.
2. Pace of Adoption: A majority of organizations (87%) have moved beyond just evaluating AI capabilities in penetration testing and are beginning to implement them actively.
3. Future Outlook: 95% of companies foresee AI-driven solutions replacing traditional penetration testing services in the near future, although the extent of this change varies among organizations.
4. Preferred Models: 64% of respondents favor AI-driven methods paired with continuous human oversight, recognizing the value of both technology and human intervention in maintaining security.
5. Trust in AI: A significant 87% of security leaders trust the capabilities of AI agents, emphasizing the need for comprehensive and transparent security protocols.

The findings serve as a wake-up call for security teams aiming to demonstrate value to management while quickening remediation times. Synack advocates leveraging its comprehensive offensive security platform to empower Chief Information Security Officers (CISOs) to foster resilience in dynamic security landscapes amidst rising AI-driven threats.

In conclusion, as the cybersecurity landscape shifts dramatically, closing the testing coverage gap remains an urgent priority. Organizations must recognize that sustained vigilance and proactive measures are essential to safeguard their digital assets.

For those interested in a deeper understanding of these findings, the full report, "The 2026 State of AI with Agents in Penetration Testing," is available for download at Synack's website. This comprehensive study offers key insights into the future of security testing and the crucial role that AI will play in shaping robust defense mechanisms.

About Synack

Synack stands at the forefront of penetration testing led by skilled experts and powered by AI. The platform aims to help organizations reduce risk, navigate regulations, and defend against evolving cyber threats. Co-founding by former NSA agents, Synack has facilitated nearly 10 million hours of expert testing across diverse sectors, from financial systems to the U.S. Department of Defense's infrastructure.

About Omdia

Omdia, a part of TechTarget, Inc., delivers actionable insights based on extensive research and real-world industry dialogues to bolster technological advancements and market positions for its clients.