LATEST INTELLIGENCE
SEAMLESS APPLICATION
SECURITY: SECURITY AT THE
SPEED OF DEVOPS
PRESENTED BY
Download whitepaper here
The Current Application Security Problem
In recent years, software went from being a support
function of business to an innovation center,
becoming the essential competitive differentiator
for most businesses in every vertical and size. With
this shift in the role of software, businesses today are
dramatically increasing the number of applications
and the frequency of releases, with little thought
given to non-functional requirements. In addition,
modern applications are increasing in complexity due
to the need for speed, and as a result, developers’
reliance on code re-use as well as open source and
commercial (COTS) components has increased
dramatically. This has huge implications on security
teams to find and manage vulnerabilities. As a
consequence, some of the notable security breaches
in recent years were due to vulnerabilities in third
party code components.
With business needs in the driver’s seat,
applications are proliferating via websites, social
14
INTELLIGENTCIO
media platforms like Facebook, Mobile and Cloud
applications. Furthermore, some applications
are driven by marketing teams and created with
3rd party software. These applications are often
outside the normal business processes with little or
no governance.
On top of all the challenges created by increased
number of applications, increasing complexity
and faster releases, regulations like GDPR and
capturing customer data for business purposes
has become the norm. Having multiple instances
of customer data increases the likelihood and
impact of a breach. This is especially concerning
because the majority of security breaches today
are due to application vulnerabilities. According
to Micro Focus® Software Security Research’s
2018 Application Security Risk Report, 80% of
applications contain at least one critical or high
vulnerability and 90% of security incidents are
from exploits against defects in the design or code
of software. n
www.intelligentcio.com