A majority of security managers are unsure of the current level of their application security state and believe a hacker could exploit their applications, a new study found.
The survey, conducted by security software provider Quotium, aimed to better understand the solutions used to secure applications in corporations in Europe and in the United States. More than 500 CISOs and security managers responded to questions about the security state of their applications, the frequency of attacks in their organizations and the solutions in place to mitigate these security threats.
Most of the big organizations interviewed currently have processes in place to test their web applications for vulnerabilities. That is the good news: most of them use penetration testing services, automated testing tools (mostly application scanners or static code analyzers) or web application firewalls to secure their assets.
However, a majority of security managers are unsure of the current level of their application security state and believe a hacker could find a way to exploit their applications. Also, almost half of those surveyed do not have a clear view of the attacks currently performed against their organization.
The gap between the efforts put into protecting applications and the actual state of the applications is also interesting. While almost all organizations invest time, money and energy into protecting their infrastructure using one or more types of service or technology, most applications remain vulnerable and are still under attack.
In the survey, 51 percent of security managers said they believe their company’s applications are vulnerable, while 80 percent think off-the-shelf applications are vulnerable. Also, only 11 percent of security managers feel their company’s applications are secure.
In addition, 40 percent of all organizations are targeted every day by application attacks.