Security Market Segment LS
  2. Home
  3. Business IT
  4. Security
  5. App security not top priority for 86% of devs: survey
Thursday, 07 April 2022 14:54

App security not top priority for 86% of devs: survey

By
Secure Code Warrior co-founder and CEO Pieter Danhieux Secure Code Warrior co-founder and CEO Pieter Danhieux

Secure coding training specialist Secure Code Warrior's annual The State of Developer-Driven Security survey has found that 86% do not view application security as a top priority when writing code, despite paying lip service to a security-led software development lifecycle.

SonicWall CTR2022 MREC

More than half of the 1200 developers in APAC, Europe and North America surveyed during December 2021 were unable to ensure that their code is protected from seven common vulnerabilities.

The problem, of course, is competing priorities. Almost a quarter (24%) cited the need to meet deadlines (24%), while 20% said developers are not given enough training or guidance on how to implement secure coding by their managers.

Worryingly, only 29% said they believe the active practice of writing code free of vulnerabilities should be prioritised.

The value of training related to secure coding can be seen in the finding that 81% of developers said they use the knowledge gleaned from training on a near-daily basis.

Yet 67% are still knowingly shipping vulnerabilities in their code.

One in four developers said they want more training guided by self-paced multimedia, and one in five think industry certifications would improve the perception of training.

Among the other findings, 33% of developers don't know what makes their code vulnerable, 30% think in-house security training would most be improved if it were more practical and included real world scenarios and outcomes, and the biggest concern of 30% of respondents is vulnerabilities introduced by co-workers.

"Developers want to do the right thing, and while they are starting to care more about security, their working environment doesn't always make it easy for them to make it a priority. Often, the tools at their disposal - and methods they are deploying - result in 'getting by', rather than actively reducing risk, and their priorities remain misaligned with the security team," said Secure Code Warrior co-founder and CEO Pieter Danhieux.

"While organisations encourage secure coding practices, developers are unclear on how they are defined in their day-to-day work, and what is expected of them. To reach a higher standard of code quality, organisations must formalise secure coding standards as they apply to developers, and guide a change in behaviour that reinforces good coding patterns and enables security at speed."

More information about the State of Developer-Driven Security 2022 survey is available here.

Read 872 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Latest from Stephen Withers

Related items

More in this category: « Malicious Android apps target Malaysian bank customers, warns ESET Trellix releases global threat research on organisation and nation-state cyber threats »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments