informa
Quick Hits

Secure App Development Can Lead To Cost Savings, Study Says

Companies that fix vulnerabilities during development process could save as much as $2.4 million a year, according to report
If you could find and fix security flaws before the application is deployed, instead of afterward, then your organization would save money. But how much could you really save?

That's the question studied in a new report published today by ROI consultancy Mainstay Partners and Fortify Software. The report suggests that the cost savings of secure software development could be substantial.

"The study found that companies are realizing substantial benefits from [secure software assurance] right out of the box, saving as much as $2.4M per year from a range of efficiency and productivity improvements, including faster, less-costly code scanning and vulnerability remediation, and streamlined compliance and penetration testing," the report says.

The study looked at 17 large enterprises that implemented Fortify's Secure Software Assurance (SSA) practices, and measured the time and costs saved after the transition. In most cases, software vulnerabilities were reduced from hundreds to tens, and repeat vulnerabilities were all but eliminated. Average time to fix flaws went from weeks to hours, the study says.

"This report helps to show that the benefits of SSA are measurable," says Roger Thornton, CTO and founder of Fortify, which is being acquired by Hewlett-Packard. "If you build code better, the cost of building the code goes down."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Recommended Reading: