Organizations Shift Further Left in App Development

Most IT and security professionals surveyed think security is a critical enough reason to pause app development.

Dark Reading Staff, Dark Reading

June 4, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

A new survey finds 78% of IT and security professionals think security is important enough to delay application deployment.

Dark Reading surveyed 173 IT and cybersecurity pros on a variety of topics related to application security, software development practices, commercial software use, and the relationship between enterprise IT security groups and software development teams.

The results reveal many organizations have shifted — and continue to shift — some security testing practices further left, or earlier, in the software development lifecycle. They also show continued improvements over the past year on broad attitudes toward the adoption of secure development processes, DevOps, DevSecOps, and application security assessment and remediation practices. Among respondents, 72% perceive the average application developer at their organization as being either "very knowledgeable" or "somewhat knowledgeable" about security.

Other survey highlights include:

  • 34% believe attackers with deep knowledge of application vulnerabilities present the greatest threat to app security.

  • 52% say incidents like the SolarWinds breach have caused changes in their evaluation and vetting processes for third-party app providers; 53% describe such apps as putting them at greater risk of a breach.

  • 49% of organizations have an agile development process and have either fully or partially adopted a DevOps approach to software development.

  • 59% of respondents believe their organization is either "very knowledgeable" or "knowledgeable" about remediating new app vulnerabilities.

  • 41% of organizations treat API security the same as Web application security.

Download Dark Reading's report How Enterprises Are Developing Secure Applications here.

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars

Editor's Choice

A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an HourResearchers Crack Microsoft Azure MFA in an Hour
byElizabeth Montalbano, Contributing Writer
Dec 11, 2024
4 Min Read
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until AprilMicrosoft NTLM Zero-Day to Remain Unpatched Until April
byJai Vijayan, Contributing Writer
Dec 9, 2024
3 Min Read
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch TuesdayMicrosoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
byTara Seals, Managing Editor, News, Dark Reading
Dec 10, 2024
5 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers