SD Elements Logo

Managing Application Security


2018 Application Security Survey by Security Compass

Would you like to participate in the 2018 Application Security Survey?

Fill out this form and we'll be in touch later in the year. Thanks for your interest.

I’d like to participate in the 2018 Managing Application Security Survey

Major Findings in 2017

  • 75% of financial institutions place high or critical priority on application security
  • 69% of application security teams are composed of a central group of application security experts, with champions in individual teams or business units
  • Nearly all respondents have secure coding standards and guidelines, but most could not validate how widely the standards were being followed
  • Only 8% track the amount of money spent on vulnerability remediation
  • Dynamic analysis (DAST) and static analysis (SAST) tools are the 4th and 6th most widely used security tools out of 16 security activities surveyed, however, these tools leave 46% of application-level risks undetected
  • 50% of respondents procure at least half of their software from third-party vendors, and 17% primarily rely on this
  • However, less than 50% require vendors to have an application security policy
  • Only 8% provide detailed application security requirements as part of third-party software vendor contracts