Enterprises are continuously battling criminals on many fronts. It’s an all-out war against enemies that are well-hidden and remain unpredictable. And the stakes are high – an effective, multi-stage attack can cripple the business or even lead to its complete downfall.

Fortunately, most enterprises now realize that web application security is one of the most important war fronts. Businesses are aware of the fact that most of their resources are either already in the cloud or going there soon – and the cloud is the web. They know that next to the human factor, it is web vulnerabilities and misconfigurations that usually let the enemy sneak through and wreak havoc behind the primary defense lines, for example, by spreading ransomware.

But is all that awareness good enough to win the war?

We teamed up with Dimensional Research to conduct a survey and learn how effectively enterprises are handling web application security. Unfortunately, the results are not as optimistic as we hoped. We learned about the real extent of agile methodologies and the accompanying shift left. We found out how many web applications are purposefully left insecure and why. We discovered whether businesses are able to manage the influx of new security issues.

You can find all the answers in this report.

Tomasz Andrzej Nidecki
Principal Cybersecurity Writer
Tomasz Andrzej Nidecki (also known as tonid) is a Primary Cybersecurity Writer at Invicti, focusing on Acunetix. A journalist, translator, and technical writer with 25 years of IT experience, Tomasz has been the Managing Editor of the hakin9 IT Security magazine in its early years and used to run a major technical blog dedicated to email security.