With data breaches through third-party applications lighting up news headlines left and right, the scrutiny on cohesion between software vendors and their customers is at an all time high. And it should be high because as we noted in our State of Software Security Supplement Report 90% of third-party code does not comply with enterprise security standards such as the OWASP Top 10. As a result of the large and growing footprint of third-party software in the enterprise, regulatory bodies such as the OCC and industry organizations such as FS-ISAC, OWASP and the PCI Security Standards Council are now placing increased focus on controls required to mitigate the risks introduced by third-party software. That's why the next question in our Future of Application Security series is:
What's the best way to work with vendors and suppliers on application security?
Watch Our Other Video Surveys
- Video 1: When will the number of data breach incidents per year finally begin to fall?
- Video 2: How can security professionals promote growth and innovation at their organizations?
- Video 3: What methods are best to involve software development teams in application security?
- Video 4: What’s the best way to work with vendors and suppliers on application security?
- Video 5: What are the limitations of on-premises software versus a cloud solution?
- Video 6: What is future of application security?
- Video 7: If You Had an Application Security Monster in Your Corner What Problem Would it Attack?