Stuart Parkerson, Publisher at AppDeveloper Magazine:
Waratek recently surveyed senior security professionals to ascertain the current climate of security and risk management for enterprises. According to the results, two-thirds of senior security professionals polled said they remediate 40 percent or less of the security vulnerabilities discovered by software application security testing (SAST) tools.
Other findings included the fact that 50 percent of respondents reported that it takes their organization three months (23%) or more (27%) to fix security flaws in their applications. The majority (52%) of enterprises test less than half of their applications with SAST tools. More than one third (37%) test less than 20% percent of the applications for vulnerabilities.
The survey also found it takes half (50%) of enterprises three months or more to fix security vulnerabilities after they are discovered by SAST tools. Only 11% fix flaws in two weeks or less.
Read the full article