When we launched the latest Forrester Analytics Business Technographics® Security Survey, it was the summer of 2020. We’d been in quarantine for about three months, and companies had long since realized that they needed to digitally transform their businesses (and fast) in order to survive the new normal. That meant a lot of application development, as companies:
- Created brand-new applications to support products and services that were previously delivered only in person.
- Updated existing application capabilities to account for new use cases and massive scale.
The risk at the time was that the business-driven sprint to digitally transform might exclude application security entirely, leaving new and expanded online presences wide open to a range of attacks. Thankfully, application security didn’t fall by the wayside. While there was a steady stream of application-based breaches throughout the year (yes, applications are still the most common way in for attackers), security pros are aware of and responding to the challenge.
My latest report, “The State Of Application Security, 2021,” draws heavily from the security survey mentioned above, and by far the most encouraging piece of data I share in the report is about how security pros are prioritizing application security. When asked about their top tactical priorities for the coming year, improving application security was the most common response, and building security into the development process was in the top 10. That latter priority shows up in the number of security teams continuing to shift left and build security tooling into the design and development phases of the software development lifecycle. Security vendors are supporting these initiatives by adding features and integrations that support the developer’s workflow.
It’s not all rainbows and pandemic puppies, of course. Many security experts bored at home during quarantine occupied themselves with bug bounties and proved that application flaws are more prevalent than ever: Bugcrowd reported a 50% increase in bug bounty submissions over the prior year. We still see teams struggling to remediate vulnerabilities quickly, while API and container adoption present new attack surfaces to protect. Overall, though, the stated prioritization of application security combined with the aggressive adoption of a range of security tools indicates that many organizations are moving in the right direction.
If your organization hasn’t made application security a top priority, start now. Use “The State Of Application Security, 2021” to learn how your peers are looking at the problem, and encourage your team to adopt the approaches recommended in the report. As always, I’m available for inquiries if you’d like to discuss any of the trends or recommendations in more detail.