Reactive approaches often sideline larger projects.
Vulnerable and outdated components are the primary elements affecting organisations' security posture.
The 2025 State of Vulnerability Management & Remediation Report from ActiveState found 20 percent of the 300 respondents cited those components. When a vulnerability is discovered, almost half (45.16%) of respondents' organisations act immediately with a hotfix.
This reflects a reactive approach to addressing security threats as they arise, potentially sidelining planned roadmap items and feature enhancements due to the immediate need to address the vulnerability.
Also 27 percent of respondents said that their biggest challenge to responding faster and more securely to vulnerability management is a lack of skills within their teams.
Scott Robertson, CTO, ActiveState, said: "By embracing automation, intelligence, and a proactive mindset, organisations can strengthen their security posture, accelerate innovation, and reduce overall risk."
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
