2018 Application Security Survey by Security Compass
Would you like to participate in the 2018 Application Security Survey?
Fill out this form and we'll be in touch later in the year. Thanks for your interest.
I’d like to participate in the 2018 Managing Application Security Survey
Major Findings in 2017
75% of financial institutions place high or critical priority on application security
69% of application security teams are composed of a central group of application security experts, with champions in individual teams or business units
Nearly all respondents have secure coding standards and guidelines, but most could not validate how widely the standards were being followed
Only 8% track the amount of money spent on vulnerability remediation
Dynamic analysis (DAST) and static analysis (SAST) tools are the 4th and 6th most widely used security tools out of 16 security activities surveyed, however, these tools leave 46% of application-level risks undetected
50% of respondents procure at least half of their software from third-party vendors, and 17% primarily rely on this
However, less than 50% require vendors to have an application security policy
Only 8% provide detailed application security requirements as part of third-party software vendor contracts