Could this gaping disconnect be the real reason why we're so vulnerable to attack?

There's been a rise in web application attacks -- with over 40% of breaches coming through web applications, according to Verizon’s 2016 Data Breach Report.

Why is this case? We employ secure coding practices, vulnerability scans, penetration tests, and more. We sought to determine what is really going on through a survey of over 1,000 IT and security professionals. What is happening on the front-lines of security, the day-to-day life of those in the trenches?

What we found was a huge gap between IT and security professionals, and a mountain of never-ending security issues and inefficiencies. A few are outlined below:

Updates: how often is enough?

Half of IT pros update applications only once every 1 - 6 months, while 52% of security pros update apps at least once a day, if not multiple times a day.

We're spending how much time tuning solutions?

Both IT and security pros spend significant amounts of time tuning existing AppSec solutions. In fact, that’s where security pros spend over 80% of their time, and IT pros almost 40% -- leaving both with little time for other duties.

Are vulnerability backlogs even an issue?

Security pros report having up to 5,000 vulnerabilities currently backlogged, whereas IT pros state they have NO vulnerability backlog. What's going on?

It should come as no surprise that hackers are capitalizing on this gap. Could this discord be the real root cause of breaches? 

Fill out the form to request a copy of the full findings of this survey report today. 


Prevoty is dedicated to securing enterprises and the users they serve by monitoring and protecting the applications. By using a novel LANGSEC-based approach to accurately analyze attacks from inside production applications, Prevoty’s award-winning products provide real-time application security intelligence and runtime application self-protection. These capabilities dramatically improve remediation of vulnerabilities, enabling security and development teams to work together more effectively, even with agile release cycles.