RSS feed Get our RSS feed

News by Topic

BizReport : White Papers : IT - Security

SANS Survey on Application Security Programs and Practices

Organizations are continuing to invest more in application security. Last year more than one-third of those surveyed did not have an Appsec program in place. More than 80% have formal programs in place, and most of these organizations are doing something about Appsec now or are planning to implement a program in the coming year. More organizations will spend more on application security next year (more than 58% plan to increase spending in the next 12 months).

So far, however, most of these programs are not proving to be effective.

Organizations continue to rely heavily on looking for security vulnerabilities after the fact (using black box dynamic testing and vulnerability scanning tools and services, as well as pen testing) and blocking these vulnerabilities with application firewalls and intrusion prevention systems. The good news is that organizations are taking advantage of better tools and online services to test their applications for security vulnerabilities much more frequently, even testing continuously, which could dramatically shorten vulnerability windows—if developers can fix the bugs when they are found.

The bad news is that organizations are not attacking the root cause of application security problems. Download this paper to learn more.

Click here to request your free White Paper!




Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.