Security is a journey
More than 70% of companies are at least somewhat concerned with the security of the applications that their organization released, despite the majority of firms—51%—believing that at least three-quarters of their applications are covered by their security testing.
"Companies often have an optimistic outlook on their coverage. In reality, most don't know whether they have a particular program covered, or they just think they do."
Are we there yet?
As the number of threats reported by companies grows, organizations have focused more on security, and application security is an important element of that program. About one in three companies had or suspected they had a breach due to a web application vulnerability, the survey found. For organizations embarking on DevOps, much of their security testing can be integrated into the development lifecycle, along with compliance checks and quality control.
Overall, companies are on the right track, said Kennedy.
“They are spending more on security, doing more, and the posture is better. It’s natural that they continue to worry about advances in tactics and attacks.”