A deep dive into security issues
In August 2020, the Enterprise Strategy Group (ESG) published its report, “Modern Application Development Security.” ESG is a company specialized in IT-related research. It provides market intelligence to companies all over the world. To compile its report, ESG surveyed 378 cybersecurity, application development and IT professionals based in North America (the U.S. and Canada). Those professionals were involved to some extent in security work on application development processes and tools.
This article provides a summary of ESG’s Modern Application Development Security report. More specifically, it will discuss in detail the following findings:
Many professionals wrongly believe their application security programs are secure The security of application development and deployment models needs to be ensured by using multiple security testing tools The security training of developers is inadequate The abundance of AppSec testing tools confuses organizations Many organizations invest or plan to invest in improving their application security processes Many professionals wrongly believe their application security programs are secure
According to ESG’s Modern Application Development Security report, more than one-third of the interviewed professionals evaluated the security of their application security programs with a rating of 9 or 10 (0 to 10