In light of SolarWinds and other high-profile attacks involving the software supply chain, security teams are increasingly scrutinizing the security of their off-the-shelf software. A recent Dark Reading survey of 173 IT and cybersecurity professionals identified different types of risk to enterprise application security, including attackers with deep knowledge of application vulnerabilities, developers untrained in secure coding practices, outsourced applications, and poorly secured infrastructure. Dark Reading’s “How Enterprises Are Developing Secure Applications” report show attitudes over application security risks remain largely unchanged in 2021 compared to 2020, despite the broad disruptions to IT operations associated with the shift to remote work and restrictions associated with the global COVID-10 pandemic. For instance, 34% of respondents in the 2021 survey, compared with 35% last year, say the greatest risk to the security of their application environment is attackers with a deep knowledge of how to exploit app vulnerabilities, and 27% are worried about security issues tied to outsourced applications, compared to 25% last year.
Read the article