Security News > 2023 > May > Inadequate tools leave AppSec fighting an uphill battle for cloud security

Inadequate tools leave AppSec fighting an uphill battle for cloud security
2023-05-19 03:30

AppSec teams are stuck in a catch-up cycle, unable to keep up with the increasingly rapid, agile dev pace, and playing security defense via an endless and unproductive vulnerability chase, according to Backslash Security.

Far and wide, enterprises are victims of this costly 'defensive tax:' the cost of employing AppSec engineers who chase vulnerabilities rather than drive a comprehensive cloud-native AppSec program is estimated to be upwards of $1.2 million annually.

Given the accelerated pace of digital innovation across enterprises of all sizes and the blurred lines between AppSec and CloudSec, enterprise AppSec teams are saddled with solutions that have not caught up to the cloud pace.

Almost all organizations are seeing a widespread impact of the lack of cloud-native AppSec tools, including growing friction between AppSec and dev teams, jeopardized ability to generate revenue and inability to retain high-value dev talent and AppSec talent; 94% of respondents cited multiple issues with today's AppSec technologies; top complaints were the considerable amount of time spent prioritizing findings and that existing AppSec tools are noisy.

The report emphasizes the urgent need for a new AppSec paradigm that maps a clear path to a modern standard for cloud-native AppSec success, characterized by end-to-end visualization of all microservices, automatic identification and prioritization of real risks, and intelligent triaging and remediation.

"These outdated AppSec methodologies hamper productivity, innovation and talent retention for both AppSec and dev teams. The cloud-native application development paradigm calls for a new, unified approach to application security that will make the friction between development and AppSec teams a thing of the past, enable enterprises to retain valuable talent, and accelerate innovation and growth," added Man.


News URL

https://www.helpnetsecurity.com/2023/05/19/outdated-appsec-methodologies/