73% of organisations to increase AppSec investment in 2023

Invicti Security has released an autumn edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST.

Amidst Log4Shell and other high-profile security incidents this past year, organisations plan to invest more in cybersecurity solutions that show clear ROI in order to protect their customers. Today, Invicti Security released the autumn 2022 edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST, revealing how modern AppSec solutions, like dynamic application security testing (DAST), offer fewer noisy distractions like false positives and provide more focus. This helps ensure DevSecOps professionals can deliver secure, innovative applications – even when vulnerabilities are rising.

The survey findings revealed:

  • 73% of organisations anticipate that they'll increase their AppSec investments in 2023. With economic changes, investing more in modern cybersecurity – specifically DAST – remains a top priority.
  • 97% of DevSecOps teams say they ignore a real vulnerability at least once a month because they assume it is a false positive. Cybersecurity solutions offering automation and accuracy help cut through the noise, meaning less time spent on false alarms and manual work.
  • 100% of DevSecOps professionals track ROI for their AppSec tools, and many are under pressure to deliver results. To showcase success to leadership, organizations require security solutions that demonstrate concise analytics and remediation guidance.

"With the increasing pressure to push out new software, and the exponential number of possible vulnerabilities and misconfigurations, organisations must have tools that keep their web assets secure," said Frank Catucci, Invicti's Chief Technology Officer and Head of Security Research. "DAST is effective for scanning and measuring various layers of the company's security protection at scale using the same techniques that malicious hackers perpetuate. DAST combined with SCA gives an end-to-end view of directly actionable security debt, ensuring DevSecOps professionals can cut through the noise and focus on the most critical vulnerabilities."

While data theft remains a top concern and vulnerability reports create extra noise, DevSecOps professionals remain optimistic about investing in security measures, and organizations know they need to prioritize cybersecurity budgets now more than ever. With growing cyber attack sophistication and prevalence, it's necessary to be equipped with the right solutions to maintain adequate security coverage and demonstrate security ROI. Learn more about how to prioritise AppSec investments in the full report

In conjunction with Wakefield Research, the report is based on a survey of 500 US DevSecOps Professionals. Respondents have a minimum of 5 years of experience at companies with at least 2,000 employees and oversamples of respondents in the following industries: government, healthcare, financial, and education.

Share

Featured Articles

Gary Merrill: Who Is Commvault’s First-Ever CCO?

Experiencing a period of rapid growth, Commvault have created the new position of CCO and given it to company veteran and former CFO Gary Merrill to lead

Xalient's Stephen Amstutz on Need for Cyber Staff Wellness

Stephen Amstutz, Director of Innovation at Xalient explains why cyber staff are getting stressed and what can be done to help

Worldwide IT Outage Not Cyber Attack - But Software Update

The global IT outage that is being described as one of the biggest ever is thankfully not being attributed to a cyber attack, but rather a software update

Companies Across Cyber Sphere Warn of Surge in DDoS attacks

Cyber Security

UK Takes Steps to Strengthen Country's Cyber Security

Cyber Security

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

Operational Security