In the near future, almost all businesses will rely on SaaS for their business operations. With this expected growth, application security (AppSec) is expected to reach $13 billion in value by 2025. There is also the question of who will own AppSec and keep SaaS secure? Most experts suggest that software developers should remain responsible for AppSec but to what extent is still up for debate. If a Dev team is responsible for all of AppSec, then security teams at a corporation lose most of their responsibility to prevent cyberattacks.
Experts have suggested using DevSecOps to integrate the strengths of both the DevOps team and the security team. By starting security testing earlier in the development process and using AppSec tools to support the SaaS, a more secure software will be produced. These tools and processes are still growing and changing and Dev teams should also pay attention to code hygiene and case management. CISOs will most likely be the decision makers for the best AppSec strategy for their organization and it’ll require a larger budget in order to make immediate changes.
Read more here.