jlavery's picture By Jessica Lavery

Intro to AppSec


The past few years have seen a tremendous increase in the number and severity of successful attacks aimed at the application layer. In fact, recent studies indicate that attacks on the application layer are growing by more than 25 percent annually (Akamai Q3 2015 State of the Internet - Security Report).

The news headlines are filled with stories about these breaches. From Target to JPMorgan Chase to TalkTalk, every breach is covered in dramatic detail. Yet, although we hear a lot about application-layer breaches, we rarely hear about the solution -- application security. Why? Maybe because the “why” and the “who ” of security breaches make more dramatic headlines and are easier for most people to understand. Delving into the “how” is more complex, and not such good headline fodder.

And not only is application security not in the headlines, most organizations are not spending time or money on it (hence the breaches!). One reason is that application security is simply misunderstood. In many cases, the traditional, on-premises tools-based approach to application security has fostered the misconception that application security programs are expensive and difficult to manage. But as the breaches continue, and the financial and brand damage add up, organizations need to clearly understand application security, and how to implement it.

Our “What Is Application Security?” information sheet is a good place to start. It will help you understand exactly what AppSec is, why it’s important and how you should approach it.

Related Content

Why I'm Going to RSA 2018: Veracode's New SVP of Engineering

Mar 29, 2018

How Are We Securing the Booming Digital Economy? Our Latest Survey Results

Dec 08, 2017

Application Security Virtual Summit: Attend a Top AppSec Conference from Your...

Aug 14, 2017

When Technology Fails Us. And When We Fail Technology.

Apr 28, 2017

The Veracode Platform: Where Development and Security Come Together

Apr 11, 2017

The Importance of Application Security: A Few of the Benefits and Risks

Jan 19, 2017
jlavery's picture
By Jessica Lavery

Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 


No thanks, back to the article please.

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.