Security Leadership Study - Trends in Application Security
Did you Know?
87% of security leaders are either already running a crowdsourced security program or are planning to run one in the next 12 months.
Core benefits of crowdsourced cybersecurity include reduced cost and expanded coverage—the proverbial more-for-less value proposition.
The addition of next-generation penetration testing leads to faster remediation of severe vulnerabilities and lower average testing cost.
The average number of applications in production is about 1,000 applications. While the majority of applications are protected by an application security tool, more than 50% of applications—on average—are unprotected.
During the next 12 months, investments for public cloud-hosted applications and mobile applications are top priorities for all organizations, but more so for large enterprises.
4 out of 5 organizations in this study have adopted DevOps or are planning to integrate cybersecurity processes and controls in the continuous integration and continuous delivery (CI/CD) processes of a DevOps approach (DevSecOps).
Application security testing methods like pentesting have become best practice for vulnerability assessment over the past two decades, but in recent years we’ve seen this method fall short.
While the application development process is speeding up with techniques like agile becoming the norm, the number of data breaches continue to rise in severity and frequency. Running pen tests and static scans alone are no longer sufficient for effective risk reduction in today’s application development environment.
In 2019, CISOs are looking to invest in application security tools that can effectively scale in the same continuous nature as the development process. Security leaders are pushed to keep pace with the fast and disruptive nature of today’s business cycles, with flexible, continuous, contextual and reportable processes, in order to remain competitive.
Download ESG Research Insights Report, Security Leadership Study -- Trends in Application Security and learn:
- Challenges with current application security testing methods
- Crowdsourced security adoption and benefits
- Security leadership application security priorities
- DevSecOps adoption with the enterprise