Legit Security has released a report on development trends driving the modernization of AppSec programs and pressing challenges to underscore the need to modernize AppSec practices to support growth and mitigate risks.
The report shows that application teams face difficulties with the speed and volume of releases, and prioritizing remediation, highlighting the importance of a modernized approach and alignment with development and DevOps teams for improved collaboration.
Most organizations reported difficulties fixing vulnerabilities after applications were deployed, reinforcing the significance of incorporating security processes and tools in the build process and challenges concerning developers’ methods, such as unsecured secrets, pipeline tools, containers, and source code repositories.
Key findings include:
- 60% use Infrastructure as Code (IaC) templates to simplify provisioning cloud infrastructure/quickly deploy software apps; 67% are experiencing increasing misconfigurations
- The top challenge for AppSec teams supporting cloud-native dev processes is understanding and managing risk associated with GenAI (45%).
- 59% release new builds multiple times per week or more; faster development cycles challenges: prioritize remediation, lack of visibility and control, and software released without security testing.
- Most use (64%) or plan to use (21%) GenAI or chatbot for code development. 83% of organizations are concerned about the visibility and discovery of developer usage of Gen AI
- AI or gen AI (36%) is the most susceptible to compromise and concerning element in the cloud-native application stack.
- Only 39% of organizations report that their security teams have visibility for specific applications, reinforcing the necessity for visibility into security testing in development.
You can read the report here. There’s also a blog entry regarding this here.
Like this:
Like Loading...
Related
This entry was posted on August 16, 2024 at 9:04 am and is filed under Commentary with tags Legit Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Research: Current Development Trends Significantly Challenging Application Security Modernization
Legit Security has released a report on development trends driving the modernization of AppSec programs and pressing challenges to underscore the need to modernize AppSec practices to support growth and mitigate risks.
The report shows that application teams face difficulties with the speed and volume of releases, and prioritizing remediation, highlighting the importance of a modernized approach and alignment with development and DevOps teams for improved collaboration.
Most organizations reported difficulties fixing vulnerabilities after applications were deployed, reinforcing the significance of incorporating security processes and tools in the build process and challenges concerning developers’ methods, such as unsecured secrets, pipeline tools, containers, and source code repositories.
Key findings include:
You can read the report here. There’s also a blog entry regarding this here.
Share this:
Like this:
Related
This entry was posted on August 16, 2024 at 9:04 am and is filed under Commentary with tags Legit Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.