We surveyed over 300 DevSecOps pros to understand how they’re managing vulnerabilities—discover the results

The 2025 State of Vulnerability Management and Remediation Report

Share

Open source powers everything from cutting-edge applications to critical infrastructure yet 53% of DevSecOps professionals put their security at risk by relying on others to maintain/fix open source vulnerabilities, having limited capability to track and manage their risk, or knowingly using bad open source.

The ActiveState 2025 State of Vulnerability Management and Remediation Report provides a candid look into how organizations manage vulnerabilities and remediation. It provides:

  • Top challenges around DevSecOps teams vulnerability protocols and workflows
  • Data on MTTD and MTTR of vulnerabilities across enterprises
  • Why traditional tools aren’t enough to tackle vulnerability remediation
The 2025 State of Vulnerability Management Report
Scroll to Top