Application Security Testing Report 2020
This whitepaper provides an exclusive insight into the latest trends in application security (AppSec). Learn more about the groundbreaking methods developed in research and practice.
The universe of software development is expanding increasingly with new approaches. Agile and DevOps are just two of them. Developers are working on different approaches on a variety of projects. The emphasis on software testing varies. Current developments show that software testing should be initiated as an integral part of the development process.
The reality is that software bugs are still a massive problem. The top 606 bugs alone caused a total financial loss of USD 1.7 trillion through direct damage, hidden consequential costs, and fixed costs. It is hard to imagine that security testing is still of secondary importance to many companies.
To shed some light on the subject, we help you to get an overview of the current state of Application Security (AppSeC). Application Security takes place in different phases of the Software Development Lifecycle (SDLC, DevSecOps). Software vendors usually rely on more than one Application Security Testing approach (SAST, DAST, IAST, ...), which has obvious advantages and disadvantages, discussed in more detail below. Since none of the approaches guarantees complete security, we have asked ourselves the following questions:
What are the essential requirements to ensure an effective and reliable testing process?
What could a better Application Security Testing solution look like?
All information about CI Fuzz at a glance. Learn more about how we can help you to build secure software by automating security testing.
Download our case study on how we found vulnerabilities in the open-source barcode generator ZINT for the software company SodgeIT GmbH.
Learn about the FAST approach and its advantages in comparison to SAST, DAST, and IAST, the most recent trend in 2019. Read the full article.