Post by Synack Red Team

One stat that stood out to me recently: on average, organizations test only ~32% of their attack surface. Not that surprising given today’s reality: - cloud + ephemeral assets - APIs everywhere - constant change Feels like traditional, point-in-time pentests can’t keep up. Curious how others see this: 👉 Is coverage the real problem now—not just findings? 👉 How are you thinking about breadth (AI) vs. depth (human)? I’ll share the research in the comments. Ryan Rutan