Most IT and security professionals surveyed think security is a critical enough reason to pause app development.
A new survey finds 78% of IT and security professionals think security is important enough to delay application deployment.
Dark Reading surveyed 173 IT and cybersecurity pros on a variety of topics related to application security, software development practices, commercial software use, and the relationship between enterprise IT security groups and software development teams.
The results reveal many organizations have shifted — and continue to shift — some security testing practices further left, or earlier, in the software development lifecycle. They also show continued improvements over the past year on broad attitudes toward the adoption of secure development processes, DevOps, DevSecOps, and application security assessment and remediation practices. Among respondents, 72% perceive the average application developer at their organization as being either "very knowledgeable" or "somewhat knowledgeable" about security.
Other survey highlights include:
34% believe attackers with deep knowledge of application vulnerabilities present the greatest threat to app security.
52% say incidents like the SolarWinds breach have caused changes in their evaluation and vetting processes for third-party app providers; 53% describe such apps as putting them at greater risk of a breach.
49% of organizations have an agile development process and have either fully or partially adopted a DevOps approach to software development.
59% of respondents believe their organization is either "very knowledgeable" or "knowledgeable" about remediating new app vulnerabilities.
41% of organizations treat API security the same as Web application security.
Download Dark Reading's report How Enterprises Are Developing Secure Applications here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024