A SANS 2021 Survey: Vulnerability Management— Impacts on Cloud and the Remote Workforce


Vulnerability management (VM) continues to be a struggle for many organizations.

To succeed with vulnerability management, it takes a coordinated effort among security, IT (both systems and software development), and the business operations groups. Organizations must also identify, acknowledge, and track the roadblocks and technical debt within the organization.

We conducted similar vulnerability management surveys in 2019 and 2020, we also analyzed some of the changes to determine what progress has been made and identify some of the year-over-year differences.

Some of the key findings and takeaways from the survey include:

  • The percentage of companies with a formal program continues to increase from 63% in 2020 to 75% in 2021 with the remaining participants either having an informal program or planning on creating a formal program in the next 12 months
  • An increase in cloud, container, and custom software development or application VM requirements and capabilities over levels reported in 2019 and 2020, accompanied by maturity across almost all life-cycle phases being comparatively lower for these asset types.

Please fill this form below to download the E-Book

  1-9
  10-49
  50-99
  100-249
  250-499
  500-999
  1000-2499
  2500-4999
  5000+
  Cloud Security
  Automation
  Vulnerability Management
  Incident Detection & Response
  Application Security
  Other
  Tenable
  Qualys
  Tanium
  Kenna Security
  NopSec
  RisklQ
  None of the above
  We do not have a VM Management Solution
  Other (please specify)
  Immediately
  Within the next 3 months
  Within the next 3-6 months
  Within the next 6-12 months
  Within the next 12+