It’s always a good thing to take a step back every once in a while to take the lay of the land. Like you, we are always working at a breakneck pace to help secure the web applications being built today and ready ourselves to secure the innovations of the future. When Forrester put out The State of Application Security, 2022 report a few weeks ago, we thought it was a great time to share where we think AppSec is headed and several places where we agree with Forrester’s take on the state of play.
Here are a few of the highlights.
Modern apps require end-to-end SDLC coverage
When we think of the software development life cycle (SDLC), there is always a key focus on “shifting left.” This makes sense: We want to find security vulnerabilities earlier to save time, money, and risk exposure in production. However, if there’s one thing we’ve learned in the last 12 months with recent emergent threats, it’s that no matter how much you try to secure your applications pre-production, you still need to have runtime protections in place for your business-critical applications. The Forrester report notes that the idea of “shift everywhere” seems to be gaining traction, which is inclusive of shifting both left and right. According to Forrester’s report, 58% of global senior security decision-makers plan to increase their application security budget this year. We can expect the spend on tooling across the SDLC to be prioritized.
An example of this – highlighted by recent vulnerabilities such as application security where
