In a digital economy, application security is crucial to success. In this new report, TechTarget’s Enterprise Strategy Group identified important best practices for building effective application security programs.
Only 52% of companies say they can effectively remediate a critical vulnerability.
Similarly, just 41% are very confident in their ability to manage the security and compliance risks associated with open source software components used within internally developed applications.
The result: Organizations face serious consequences from security incidents.
The report identifies key patterns that distinguish organizations that could efficiently remediate critical vulnerabilities from those that could not. The following are some of the best practices organizations can use to measurably improve their security program effectiveness.
Establish strong collaboration
Organizations that report the ability to efficiently remediate vulnerabilities were much more likely to encourage collaboration between application development, security, and operations to build a culture of security (52% versus 34%).
Companies that can keep up with critical vulnerabilities reported that their application development teams are taking on more security responsibilities with support and help from the security team (36% versus 22%). This shows the effectiveness of security taking on an oversight and guidance role while developers are tapped to put security fixes into place.
Companies that can efficiently remediate vulnerabilities were much more likely to say their security team is entirely centralized and separate from development teams (53% versus 30%).
Organizations able to efficiently remediate vulnerabilities were also more likely to say they view being able to answer questions about their code, such as knowing its source, as critical (49 percent vs. 31 percent).