http://www.darkreading.com/security/app-security/showArticle.jhtml?articleID=224700250 By Kelly Jackson Higgins DarkReading Apr 29, 2010 With all of the attention and education surrounding secure coding practices and Web attacks, you'd think it would be sinking in to enterprises by now, but not so much, according to a new survey: Only 18 percent of IT security budgets are dedicated to Web application security, while 43 percent of budgets are allocated to network and host security. "The State of Application Security" report by the Ponemon Institute and commissioned by Imperva and WhiteHat Security, published this week, found that 70 percent don't believe their organizations allocate enough money to securing and protecting their mission-critical Web apps. In addition, 55 percent said developers are too busy to fix security issues in their apps. "Overall, the results of the study confirmed things WhiteHat and Imperva have believed and recognized for quite some time. The vast majority of attacks come through applications -- in particular, Web applications," says Stephanie Fohn, CEO of WhiteHat. The survey found that 34 percent of major vulnerabilities are not fixed, and 38 percent said they believed it would take more than 20 hours of time for a developer to fix one bug. [...] _______________________________________________ Best Selling Security Books and More! Shop InfoSec News http://www.shopinfosecnews.org/Received on Thu Apr 29 2010 - 22:35:30 PDT
This archive was generated by hypermail 2.2.0 : Thu Apr 29 2010 - 22:48:43 PDT