Survey gauges Web application security spending

Not much data exists on what percentage of security budgets are dedicated to building strong Web apps
  • (IDG News Service)
  • — 27 March, 2009 07:16

A new survey shows that despite the dismal economic conditions, more than a quarter of the companies polled expect to spend more on Web application security this year.

Data on Web application security is scarce, according to the project's founders. The new survey is intended to be conducted quarterly.

Companies often save money through Internet-based sales, but also face risks such as data breaches and a subsequent loss of consumer confidence in their services.

The Security Spending Benchmarks Project comes from the Open Web Application Security Project (OWASP), dedicated to good Web application security practices.

The benchmarking survey is headed by Boaz Gelbord, who is also executive director of information security at Wireless Generation, along with help from Jeremiah Grossman, CTO and founder of White Hat.

Fifty-one companies responded to the survey, answering questions such as how much of their budgets are dedicated to Web application security and how those applications were vetted. More than a quarter of the companies that participated generate more than US$1 billion in revenue annually.

The survey doesn't show exactly how much companies spent on Web application security but rather percentages of their budgets dedicated to the area. Other questions gauged how companies feel about the importance of strong Web apps.

The results are mixed, with some responses indicating that companies are more focused on application security. Though more than 25 percent companies expected to spend more on Web application security this year, thirty-six percent said spending would remain flat. Others did not respond.

Half of the companies said security is part of their branding strategy, but 61 percent said that security as a competitive advantage was not a motivation. Forty percent of companies said compliance was the most compelling reason for Web application security spending.

Sixty-one percent said they allow an independent third-party to review applications before deployment, with 17 percent saying they don't. The rest either didn't know or would do it if requested by a customer.

In a sign of how many companies are still catching up, more than third say they don't use a Web application firewall to ensure against intrusions or detect anomalies.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Topics: web applications, security
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?