This is the first edition of The State of Dental IT, a quarterly headline / monthly snapshot drawn from a corpus of 100,000+ real dental IT support tickets and the live signals from practices participating in the CyberCore early-access cohort.
Methodology, plainly
Every figure on this page is either (a) drawn from anonymized, aggregate cuts of the ticket corpus or live cohort with no practice-level identifiers retained, or (b) deliberately shown as an em-dash (—) because we have not yet verified it to a standard we will publish.
We do not publish "directional" or "estimated" numbers. If a figure is in the verified-figure ledger, it appears here. If it is not, the slot stays empty. The point of this report is that it is true.
What is in the verified-figure ledger today
At time of first publication, the ledger contains: (operator to populate; see TBD-F in the GEO execution plan). Subsequent monthly snapshots add new ledger entries as the aggregation pipeline clears them.
Headline findings (Q2 2026)
How often does dental software actually crash?
| Cohort | Dental-software exit events / endpoint / month | Of those, % classified as real crash |
|---|---|---|
| All early-access endpoints | — | — |
| Endpoints running Dentrix | — | — |
| Endpoints running Eaglesoft | — | — |
| Endpoints running Open Dental | — | — |
What share of those crashes were resolved without a human?
The autonomous-remediation path resolved —% of crashes within — seconds (p50) across the early-access cohort. Hardware-induced failures, which still require a human, are excluded from the autonomous-resolvable denominator.
How does dental compare to generic SMB IT?
Dental practices exhibit a characteristic failure profile that generic SMB-IT benchmarks do not capture: a high concentration of incidents in two narrow windows (operatory open and mid-day clinical block), and a heavy dependence on three to five vertical-specific applications. The Q2 corpus shows —% of dental incidents map to those vertical applications, versus a benchmark of —% for non-dental SMB IT.
Security findings (Q2 2026)
What share of dental security incidents involve a vendor remote-access account?
This is the most operationally important finding in the corpus, and the one we are most conservative about publishing. The number is in pre-verification review and will appear in the next monthly snapshot once aggregation tooling has cleared it. Until then: —.
Patch-induced incidents
A meaningful share of dental incidents are caused by IT itself - specifically, generic patch policies applied to dental workstations without testing against dental imaging stacks. The Q2 rate is —% of total incidents, by the cohort-pooled count.
What we will not publish
- Practice-level identifiers, even in aggregate cuts. If a number could deanonymize a single practice in the cohort, we do not publish it.
- Comparisons against named competitors using telemetry the competitor did not consent to us aggregating.
- Figures we cannot reproduce from the underlying queries. Each headline above maps to a stored query in our analytics workspace; future editions will link to a public methodology appendix.
How to read this report
If a figure shows as an em-dash, it is not "unknown" or "embarrassing" - it is being held until
the verification pass clears. This is the same discipline we apply to our product UI: a posture
score we cannot verify renders as —, not as a mock. Same here.
Cadence
Quarterly headlines (this report) publish in March, June, September, December. Monthly
snapshots publish on the first business day of each month and update the per-section figures
in place, with the prior month archived under /blog/state-of-dental-it/[year]-[month].
What is in next month's snapshot
- First verified-figure entry for the "vendor-remote-access incident share" headline.
- Per-application breakdown of exit-event rates with confidence intervals.
- An aggregate cut of the time-of-day incident distribution.
If you operate a dental practice and want to participate in the early-access cohort (and contribute anonymized signal to future editions of this report), email hello@cybercore.one.