73% of organisations to increase AppSec investment in 2023

Invicti Security has released an autumn edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST.

Amidst Log4Shell and other high-profile security incidents this past year, organisations plan to invest more in cybersecurity solutions that show clear ROI in order to protect their customers. Today, Invicti Security released the autumn 2022 edition of its bi-annual AppSec Indicator: Tuning Out AppSec Noise is All About DAST, revealing how modern AppSec solutions, like dynamic application security testing (DAST), offer fewer noisy distractions like false positives and provide more focus. This helps ensure DevSecOps professionals can deliver secure, innovative applications – even when vulnerabilities are rising.

The survey findings revealed:

  • 73% of organisations anticipate that they'll increase their AppSec investments in 2023. With economic changes, investing more in modern cybersecurity – specifically DAST – remains a top priority.
  • 97% of DevSecOps teams say they ignore a real vulnerability at least once a month because they assume it is a false positive. Cybersecurity solutions offering automation and accuracy help cut through the noise, meaning less time spent on false alarms and manual work.
  • 100% of DevSecOps professionals track ROI for their AppSec tools, and many are under pressure to deliver results. To showcase success to leadership, organizations require security solutions that demonstrate concise analytics and remediation guidance.

"With the increasing pressure to push out new software, and the exponential number of possible vulnerabilities and misconfigurations, organisations must have tools that keep their web assets secure," said Frank Catucci, Invicti's Chief Technology Officer and Head of Security Research. "DAST is effective for scanning and measuring various layers of the company's security protection at scale using the same techniques that malicious hackers perpetuate. DAST combined with SCA gives an end-to-end view of directly actionable security debt, ensuring DevSecOps professionals can cut through the noise and focus on the most critical vulnerabilities."

While data theft remains a top concern and vulnerability reports create extra noise, DevSecOps professionals remain optimistic about investing in security measures, and organizations know they need to prioritize cybersecurity budgets now more than ever. With growing cyber attack sophistication and prevalence, it's necessary to be equipped with the right solutions to maintain adequate security coverage and demonstrate security ROI. Learn more about how to prioritise AppSec investments in the full report

In conjunction with Wakefield Research, the report is based on a survey of 500 US DevSecOps Professionals. Respondents have a minimum of 5 years of experience at companies with at least 2,000 employees and oversamples of respondents in the following industries: government, healthcare, financial, and education.


Featured Articles

UK police cyberattack a reminder of third party risk

Cyber criminals use back-door suppliers cyberattack to spread alarm through Britain's biggest police force

Building Cyber Resilience into ‘OT in Manufacturing’ webinar

Join Acronis' webinar, Building Cyber Resilience into ‘OT in Manufacturing’, 21st September 2023

Trustwave report on hospitality industry security threats

Nearly 31% of hospitality organisations have reported a data breach in their company’s history, according to a Trustwave cybersecurity report

Barracuda Managed XDR uses AI to uncover cyber incidents

Technology & AI

Imperva: 32% of work data breaches could have been avoided

Operational Security

Supply chain cyberattacks seen as catastrophic for business

Cyber Security