This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Aug 13, 2019
WhiteHat Security is now a wholly-owned, independent subsidiary of NTT Security. With this strategic development, we are able to combine the global reach of NTT with WhiteHat's deep expertise in application security. As a result, our research now offers the most comprehensive perspective on the current state of application security, as well as recommendations on how to implement DevSecOps effectively.
The 2019 WhiteHat Application Security Statistics report looks at our underlying application security data to derive conclusions, identify trends and highlight what's working and what's not when it comes to DevSecOps and secure application delivery. This report is the product of data analysis derived from evaluating data from approximately 17 million application security scans performed by organizations in 2018.
Why Read This Report?
Application Security has become critical to business success
The cliche 'there's an app for that' underlies today's business maxim: applications are at the foundation of today's enterprise. As the digital transformation continues, organizations are beginning to realize that security is not merely another table stake, it's the timber the rest of the organization is built upon.
Pace and rate of change in today's application development are blindingly fast
Apps are now the way to out-innovate competition across industries which is why teams are increasingly focused on time-to-market and time-to-value when it comes to application development.
Security & DevOps are converging - and an approach for success has emerged
The phased approach to DevSecOps we outline in this year's report is a macro-trend that supports the Security and DevOps convergence, and empowers teams to deliver better performing and more secure apps - and meet the goal of rapid innovation and reliable service delivery.
Who Should Read This Report?
For Business Decision Makers...
How to measure the effectiveness of your application security investment to help mitigate overall business risk.
For Security Professionals...
How to best defend your applications by evaluating how your vulnerability levels and remediation times compare with industry benchmarks.
For Application Development and Operation Teams...
How to develop software more securely by partnering with the security team to adopt tools and methodologies compliant with your software development lifecycle (SLC).