The report is based on a survey of 125 IT operations and security professionals conducted by Mondoo and Virtual Intelligence Briefing (ViB). One of the main conclusions is that confidence in vulnerability remediation ability is pretty low across the board: Fewer than one in ten respondents (9%) were ‘very confident’ in their ability to remediate known vulnerabilities in a timely manner.
This low confidence doesn’t come as a surprise, since the report also uncovers several problems facing remediation teams, such as tool sprawl, alert fatigue, recurring vulnerabilities, cumbersome manual processes, infrequent reporting, and lack of visibility and detail. The low adoption of automation and AI in remediation workflows is particularly concerning. With attackers already deploying Agentic AI to launch attacks in minutes, defenders will struggle to keep pace if they continue to rely on manual processes.
“Organizations are facing a perfect storm when it comes to vulnerability remediation. Alert fatigue, fragmented tooling, and manual workflows are undermining their ability to respond effectively to increasingly sophisticated AI-driven attacks. Mondoo's State of Vulnerability Remediation report outlines a critical need for AI-driven automation and unified workflows to help close this risk gap.”
- Tyler Shields, Principal Analyst at Omdia Research
Top Survey Findings
Below are several important findings from the 2025 State of the Vulnerability Remediation Report:
#1. Remediation workflows are still mostly manual
The majority of respondents (62%) have manual remediation workflows, and only 2% are fully automated. Manual processes make it extremely hard to keep up with the thousands of vulnerabilities that are constantly being discovered, and defend against bad actors using AI to launch attacks at machine speed.

#2. Remediation reporting is ad hoc and infrequent
More than half of respondents (52%) say they report ‘quarterly’, ‘rarely’, or ‘never’ on their remediation efforts. Only 18% run weekly reports. 39% of respondents don’t use a vulnerability remediation tracking tool, and have to rely on manual tracking using spreadsheets. Without regular reporting, it’s very difficult to track progress, manage risk, and ensure accountability.

#3. Lack of remediation guidance is a major pain point
Respondents say that the most significant way to accelerate remediation is to automatically create tickets with all the relevant information included (44%). Better prioritization (40%) and automated remediation integrated into the CI pipeline (34%) are also listed as important factors that would speed up remediation.

#4. Recurring vulnerabilities are too common
A combined 40% of respondents experience recurring vulnerabilities, with 26% seeing between 6% and 10% of vulnerabilities recur. Even though at first glance the numbers don’t seem that high, the reality is that any number of recurrences is too much. Each time a vulnerability recurs, it triggers a disruptive workflow that diverts everyone from their current priorities, forces them to spend time on something they hadn’t planned on doing, and creates new opportunities for attackers to infiltrate the environment.

#5. Redeployment is the main cause of vulnerability recurrence
44% say vulnerabilities are reintroduced during redeployment. Not fixing the root cause of issues is likely a driver of vulnerability recurrence, given that vulnerabilities not fixed in IaC or containers are bound to recur.

Get the full report
Download the full report to learn about:
- Our top 10 key findings
- Detailed survey statistics in 15 subject areas
- Actionable recommendations

About Mondoo
Mondoo is the world’s first agentic vulnerability management platform that eliminates - not just categorizes - vulnerabilities. Global enterprises trust Mondoo to prioritize risks by business impact and exploitability through its patented AI-native security model that collects structured, context-aware data from the entire IT infrastructure. Mondoo’s customers have reduced vulnerabilities and policy violations by 50% and significantly reduced MTTR. With seamless ITSM integrations and transparent security pipelines, Mondoo enables autonomous remediation and continuous compliance. Mondoo bridges the gap between security and engineering - delivering intelligent recommendations and actionable insights to fix vulnerabilities that matter most to the business.