IT vs security pros: Handling appsec

A new report into corporate app security, conducted by runtime application security visibility and protection company Prevoty, shows significant discrepancies between IT and security professionals, when it comes to app security.

The report, entitled "The Real Root Cause of Breaches -- Security and IT Pros at Odds Over AppSec", is based on a poll of more than 1,000 IT and security professionals and says there are major divides in how these two groups handle app updates, app security tuning and backlogging.

Half of IT professionals update an app every one to six months, while half (52 percent) of security experts do it once a day, if not more. The report also says both groups spend significant amounts of time tuning app security solutions -- 80 percent of security professionals’ time is devoted to this, and 40 percent of IT pros’ time.

This means the groups are left with "very little time" to do anything else, the report says.

When it comes to backlogging, security experts said to have up to 5,000 vulnerabilities backlogged, while IT pros none.

"Attacks against web applications are rising dramatically, and protecting these applications continues to be a struggle", said Prevoty CEO and Co-Founder Julien Bellanger. "It’s surprising to discover that so many IT professionals are uninformed about, or under-prioritizing, this phenomenon. Prevoty has been protecting applications against millions of monthly attacks in our three years of production. Bridging the gap between security and IT professionals is critical to take application security to the next level".

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Photo credit: jijomathaidesigners / Shutterstock