At the close of 2016, we surveyed 100 CISOs and decision makers to get a sense of their 2017 security priorities. The full report will be released next week. In the meantime, you can learn more about a few of the top application security focus areas and challenges in our previous post. This post will build on those trends, diving into specific tools and best practices appsec organizations are using.
Top Utilization of Application Security Tools
- Penetration testing is, across the board, the most utilized application security practice; over 80% of respondents utilize penetration testing in their current application security program.
- The next most utilized tools and practices are incident response teams and processes (79%) and application vulnerability scanning (71%).
- The least used methods are static analysis (39%) and threat modeling (50%).
While there is saturation across many application security methods, products and services, breaches still occur, and hacking is the overwhelming cause.
How do Bug Bounties fit into AppSec?
- How CISOs and appsec leaders perceive bug bounty programs
- What challenges bug bounties are alleviating, and why they are becoming more and more crucial to security organizations
- If a bug bounty is right for your organization
Sign up to get the full report when it is released January 31st: