73% of organisations to increase AppSec investment in 2023

Invicti Security has released an autumn edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST.

Amidst Log4Shell and other high-profile security incidents this past year, organisations plan to invest more in cybersecurity solutions that show clear ROI in order to protect their customers. Today, Invicti Security released the autumn 2022 edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST, revealing how modern AppSec solutions, like dynamic application security testing (DAST), offer fewer noisy distractions like false positives and provide more focus. This helps ensure DevSecOps professionals can deliver secure, innovative applications – even when vulnerabilities are rising.

The survey findings revealed:

  • 73% of organisations anticipate that they'll increase their AppSec investments in 2023. With economic changes, investing more in modern cybersecurity – specifically DAST – remains a top priority.
  • 97% of DevSecOps teams say they ignore a real vulnerability at least once a month because they assume it is a false positive. Cybersecurity solutions offering automation and accuracy help cut through the noise, meaning less time spent on false alarms and manual work.
  • 100% of DevSecOps professionals track ROI for their AppSec tools, and many are under pressure to deliver results. To showcase success to leadership, organizations require security solutions that demonstrate concise analytics and remediation guidance.

"With the increasing pressure to push out new software, and the exponential number of possible vulnerabilities and misconfigurations, organisations must have tools that keep their web assets secure," said Frank Catucci, Invicti's Chief Technology Officer and Head of Security Research. "DAST is effective for scanning and measuring various layers of the company's security protection at scale using the same techniques that malicious hackers perpetuate. DAST combined with SCA gives an end-to-end view of directly actionable security debt, ensuring DevSecOps professionals can cut through the noise and focus on the most critical vulnerabilities."

While data theft remains a top concern and vulnerability reports create extra noise, DevSecOps professionals remain optimistic about investing in security measures, and organizations know they need to prioritize cybersecurity budgets now more than ever. With growing cyber attack sophistication and prevalence, it's necessary to be equipped with the right solutions to maintain adequate security coverage and demonstrate security ROI. Learn more about how to prioritise AppSec investments in the full report

In conjunction with Wakefield Research, the report is based on a survey of 500 US DevSecOps Professionals. Respondents have a minimum of 5 years of experience at companies with at least 2,000 employees and oversamples of respondents in the following industries: government, healthcare, financial, and education.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI