Veracode recently sponsored Enterprise Strategy Group’s (ESG) survey of 378 developers and security professionals in North America to better understand the dynamics between these teams and to understand their application security challenges and priorities.
The report highlights five key insights:
- Most think their application security programs are solid, though many still push vulnerable code.
- Multiple security testing tools are needed to secure the potpourri of application development and deployment models in use today.
- Developer security training is spotty, and programs to improve developer security skills are lacking.
- The proliferation of AppSec testing tools is an issue for many, with more than a third focusing investment on consolidation.
- Organizations are investing, with more than half planning to significantly increase spending on application security.
To read the rest of the findings, download the full report, Modern Application Development Security.