Many companies have significant investments in network security, but it’s not enough because a significant chunk of all cyber-attacks are happening on the application layer. Cyber criminals are increasingly targeting the application stack for exploitation.
According to the U.S. Department of Homeland Security (DHS), 90% of security incidents result from exploits against defects in software. The Forrester Wave: Application Security Report says that companies rush to build and use applications without thinking about the security of the application itself. The Global Information Security Workforce Study published by the International Information Systems Security Certification Consortium (ISC)2 claims that 30% of companies never scan for vulnerabilities during code development. These are all astounding findings!