Whenever you visit our websites, information may be collected using cookies and similar tools to improve your user experience and to enhance the performance of the website.
Closing this message means you accept the use of cookies.
Most Think Their Application Security Program Is Solid, Though Many Still Push…
Multiple Security Testing Tools Are Needed to Secure the Potpourri of Applicatio…
Developer Security Training Is Spotty, and Programs to Improve Developer Securit…
The Proliferation of Application Security Testing Tools Is an Issue for Many
Organizations Are Investing, With More Than Half Planning to Significantly Incre…
Conclusion
Research Methodology
Respondent Demographics
ESG Research Report: Securing Modern Application Development Environments
ESG Research Report
Dec 29, 2020
DevSecOps has moved security front and center in the world of modern development; however, security and development teams are driven by different metrics, making objective alignment challenging. This is further exacerbated by the fact that most security teams lack an understanding of modern application development practices. The move to microservices-driven architectures and the use of containers and serverless have shifted the dynamics of how developers build, test, and deploy code. As a result, a convergence of application security tools is underway. Organizations are overwhelmed with the amount of and overlap in issues raised from multiple testing tools, complicating prioritization and mitigation, so integrated application security platforms are desired.
In order to gain insight into these trends, ESG surveyed 378 IT, cybersecurity, and application development professionals at organizations in North America (US and Canada) involved with securing application development tools and processes.
Page Count: 24
Table of Contents
Executive Summary
Report Conclusions
Introduction
Research Objectives
Research Findings
Most Think Their Application Security Program Is Solid, Though Many Still Push Vulnerable Code
Multiple Security Testing Tools Are Needed to Secure the Potpourri of Application Development and Deployment Models in Use Today
Developer Security Training Is Spotty, and Programs to Improve Developer Security Skills Are Lacking
The Proliferation of Application Security Testing Tools Is an Issue for Many
Organizations Are Investing, With More Than Half Planning to Significantly Increase Spending on Application Security Over the Prior Year, and More than a Third Focusing Investments on Consolidation