Intelligent CISO Issue 44 | Page 61


Study uncovers trends in breaches, supply chain loopholes and security confidence

Checkmarx, a global leader in developer-centric application security testing (AST) solutions, has unveiled the findings of its new global report, AppSec: The View from Security and Software Development Experts. The report was commissioned by Checkmarx and developed with Censuswide to spotlight the biggest security challenges that application security (AppSec) managers and software developers are facing within their organisations in today’s threat landscape.

Report findings are based on online survey input from two samples of 754 AppSec managers and 770 software developers, collected globally between August 10 and August 31, 2021.
“Security breaches within the enterprise have unfortunately become a societal norm, so identifying those gaps and creating the solutions to eliminate them is integral to the success of businesses today,” said Maty Siman, Checkmarx Founder and CTO. “Overcoming these security challenges should be a top priority for modern organisations, and the results of this report attest to the specific needs of our trusted AppSec and developer communities.”
Following an AppSec-related incident, 38% of AppSec managers and software developers said their organisations deployed penetration testing exercises to prevent future breaches. Meanwhile, 40% of software developers stated their organisations issued mandatory AppSec training.
Despite multiple breaches in the last year due to vulnerable applications, 81% of developers remained confident in their ability to build a secure product, showcasing a commitment to selecting the proper tools to protect their organisations.
More than a quarter (26%) of respondents cited ‘gaining visibility into open source packages being utilised in custom applications’ as the biggest challenge when visualising and securing their software supply chains. A good proportion (49%) of software developers said they are adopting a DevSecOps model with security as a supply chain focus to lessen their risk of a breach, with 42% of AppSec managers saying the same.
Over half of AppSec managers and software developers (54%) stated that the shift to the cloud increased their concerns around secure application development. However, each group’s challenges differed: AppSec managers struggled the most with adopting cloud native security testing methodologies (37%), whereas software developers had more difficulty with effectively and efficiently monitoring applications running in the cloud (41%).
Software developers said they receive application security and awareness training six times a month on average. The major concern lies in the effectiveness of the training as 23% of developers and only 17% of AppSec managers described the training as effective.