The 2016 SANS State of Application Security Survey analyst paper and webcast are complete. This year, Johannes Ullrich, dean of research at the SANS Technology Institute and instructor for DEV522: Defending Web Applications Security Essentials, led the project by analyzing the survey results, writing the whitepaper, and delivering the webcast.
We had 475 respondents participate in this year's survey, and Johannes identified the following key findings to discuss in the whitepaper:
38% have a "maturing" AppSec program
40% have documented approaches and policies to which third-party software vendors must adhere
41% name public-facing web apps as the leading cause of breaches
For more details, the webcast and whitepaper can be found here:
Thank you to all of the sponsors for bringing this content to the SANS community: Checkmarx, Veracode, and WhiteHat Security.
Also, a special thank you goes out to the webcast panel: Amit Ashbel (Checkmarx), Tim Jarrett (Veracode), and Ryan O'Leary (WhiteHat).
We will see you next year for the 2017 State of Application Security Survey!