Application security is crucial today, but how much money and effort do businesses need to invest to build an effective application security program?
This is a question that causes anxiety for organizations across the board because there is currently no clear answer. With our Managing Application Security report, we’re changing that.
We spent the past several months talking with security leaders at financial institutions and asking them extensive questions about their application security practices. Our research followed three main lines of inquiry:
- What is driving application security programs at your institution?
- How are is your institution structuring its application security program
- Which activities are working at scale for your institution?
We came back with a plethora of valuable — and at times surprising — data. While 75% of financial institutions place high or critical priority on application security, many of them make major oversights when it comes to the tools they use for secure development and the procedures they employ to manage the security of outside vendors. Most have secure coding standards and guidelines,but could not validate how widely the standards were being followed, and only a shocking 8% track the amount of money spent on vulnerability remediation.
Our hope is that our report will offer a new level of insight into security practices for institutions in all industries, and set the benchmark for how companies should invest in application security.
The Managing Application Security Report is out now! Go here to download a copy.