27% of respondents reported using the Atlassian Suite/JIRA for tracking vulnerability remediation.

Seventy-eight percent of organizations reported finding fewer than five vulnerabilities per machine per month, according to a survey of IT and security teams.

33% of organizations reported remediating critical vulnerabilities within one to three days in 2025, compared to 32% for high-importance vulnerabilities.

Only 9% of security and IT operators being 'very confident' in their remediation capabilities in 2025.

38% of organizations reported remediating critical vulnerabilities within 24 hours in 2025, compared to 35% for high-importance vulnerabilities.

Almost 50% of organizations reported using more than five security tools in 2025.

60% of IT and security operators do not have any remediation SLAs in 2025, and among those that track SLAs, 65% have to analyze data manually.

53% of security and IT teams experiencing tool sprawl reported low confidence in remediation in 2025, compared to 35% who do not experience tool sprawl.

33% of respondents stated that more remediation guidance and code snippets would help them remediate significantly faster in 2025.

33% of respondents reported using manual processes, such as spreadsheets, for tracking vulnerability remediation marking a significant reliance on non-automated methods.

14% reported using Azure DevOps for tracking vulnerability remediation.

28% of respondents indicated that automated ticket tracking instead of just 'fire and forget' would help them remediate significantly faster.

34% of respondents believe that automated remediation integrated into a CI pipeline would speed up remediations.

50% of respondents identified the risk of breaking applications or dependencies as a pain point for automation.

36% of organizations indicated that their remediation processes are mostly automated with some manual steps.

29% of respondents indicated that lack of clean integration with existing CI/CD and ITSM tools was a concern in 2025.

Two-thirds of respondent organizations lack an automated method for reporting on SLAs.

22% of respondents cited basic organizational resistance as a pain point for automation.

24% of respondents believe that more ownership from DevOps/platform engineers would help them remediate significantly faster in 2025.

35% of respondent organizations are not currently using their CI/CD pipelines for remediation but want to in 2025.