Over 60% Of Organizations Prioritize Speed Over Security When Releasing Software.
The Purple Book Community Releases “State of Application Security Operations” survey which reveals troubling priorities for development organizations.
PALO ALTO, Calif., June 6, 2022 -The Purple Book Community, a community of top security leaders along with ArmorCode, the leader in AppSecOps, today announced the release of the “State of Application Security Operations 2022”. The survey of over 500 application security and development professionals, revealed that many businesses are prioritizing delivery speed over security.
More than 63% of respondents agree with the statement, “Shipping applications fast takes priority over shipping secure,” and over 42% admit to having “unmanaged risk in their portfolio.” However, 71% say they have sufficient application security data to understand the security risk to the business but 60% respond that their organizations lack the visibility to properly vett applications before they launch.
“The survey findings illustrate that businesses are underwater when it comes to application security,” said Nikhil Gupta, CEO and founder of ArmorCode. “It’s not a lack of awareness that their applications are launching in an insecure state, it’s their inability to keep up with the speed that applications must be launched and updated to stay competitive as a business. Businesses are willing to sacrifice security so that they can maintain the necessary agility to stay competitive.”
In efforts to keep pace with developer teams, the survey highlighted a few ways organizations are attempting to better secure applications before they launch. Respondents ranked “Automation of critical AppSec workflows” as their number one priority for the next twelve months, and efforts are being made to tighten the relationship with DevOps and AppSec teams and hire more talent. Other findings included:
- Respondents ranked “AppSec tools embedded into the DevOps pipeline” as the #1 AppSec initiative
- “Collaboration between Security and Development teams” is both a top 3 challenge and focus for respondents over the next 12 months
- “Hiring qualified application security engineers” was ranked as the #1 challenge for building a successful AppSec program.
Stop by the ArmorCode booth, (Early Stage Expo, booth #6) at RSA 2022 to learn more about the state of Application Security Operations, or download the full report here.