IDG Study Reveals That 63 Percent of Web, Mobile and Legacy Applications Are Not Assessed for Security Vulnerabilities

Veracode and IDG experts to discuss how enterprises can close the growing security gap by creating formal application security programs

BURLINGTON, Mass. - June 17, 2014 Veracode, the application security company, today announced that research conducted by IDG revealed that 63 percent of enterprise applications are not assessed for security vulnerabilities. Veracode and IDG will present this and related findings from the research study during the webinar titled: “Majority of Internally Developed Apps Not Assessed for Critical Security Vulnerabilities” on June 25, 2014 at 11:30 am EDT. 

Leading enterprises in all industries are delivering new mobile experiences, leveraging the Cloud and Big Data analytics, and digitizing their processes. As a result all enterprises are becoming software companies, and these companies are competing to bring their innovations to market faster. The IDG study showed that, on average, enterprises are internally developing 2,500 applications a year.  The reason the majority of these applications go untested is because securing web, mobile and third-party applications can be an inhibitor to getting these solutions to market quickly – especially when using the traditional on-premises approach to application security. This approach is complex, and requires specialized skills. Plus it is decentralized, making it challenging for enterprises to apply consistent policies, metrics and reporting across disparate business units and development teams. 

The joint IDG and Veracode webinar will reveal results from the recent study and examine why so many applications go untested – even though enterprise applications are the primary target for cyber-attacks. The study found that 63 percent of applications are not assessed for critical security vulnerabilities, including the most commonly exploited vulnerabilities such as SQL Injection and Cross-Site Scripting. During the webinar, experts will discuss how the lack of formal application security programs combined with the growing number of enterprise applications being produced creates a security gap that increases enterprise risk. The webinar will also examine how enterprises can benchmark their application security programs against peers to bring their application security posture to the next level.

The IDG study asked executives at large enterprises about their application security programs and practices. The purpose of this study was to gain a better understanding of the enterprise application security environment, particularly for internally developed applications. The study also forecasted future application development, changes to security budgets, and application security vulnerabilities.

To register for the webinar visit:



contact menu