How to Build a Successful AppSec Program That Doesn’t Give Developers a Hard Time
Companies are striving to integrate security into each phase of the software development life cycle. However, building software that is hack-proof is a tough task. Here, Eugene Dzihanau, Senior Director, Security Practice Lead at EPAM Systems, discusses best practices for building successful application security programs.
In a 2017 report from Ponemon, based on a survey of 593 IT and IT security practitioners, respondents estimated that the average number of mobile apps in their organizations was 472 and the average number of IoT apps was 241. When asked what took priority in the building and deployment of mobile and IoT apps, 62% and 68%, respectively, said end-user convenience. Further, only 30% indicated that their organization allocates sufficient budget to protect mobile apps and IoT devices. That was before the pandemic forced millions to work from home. Now, with distributed workforces and more sophisticated cybercriminals, the urgency to secure apps is greater than ever.
Consider this: In a recent December 2020 article, the author noted that, between January and February 2020, the average web application was attacked 20,000 times. More than 80% of cyberattacks enter through the application layer, which is why application security, or AppSec, is a complicated business but a necessary one for enterprises.