AppSec Stats Flash: 2021 Year in Review is out now.
This edition of the AppSec Stats Flash report takes a comprehensive look back at 2021 – a year that will likely be remembered as one of the most significant for the wider cybersecurity landscape. It was a year that included the Colonial Pipeline attack, a Presidential Executive Order for cybersecurity, the ongoing Log4j fallout and more.
The report focuses on changes within Window-of-Exposure and Time-to-Fix data across industry verticals, such as Healthcare, Manufacturing, Utilities and Retail, and aims to arm organizations with actionable key takeaways for securing their web applications in the modern threat landscape.
Key findings from the report include:
“Marred by the Colonial Pipeline attack and the ongoing Log4j fallout, the events of 2021 brought application security to the forefront of the wider media and public conversation,” said Craig Hinkley, chief executive officer at NTT Application Security. “Despite the elevated push to remediate critical vulnerabilities in both public and private sector applications, there’s evidence that suggests this inadvertently led to an overall negative result, as these initiatives seem to have occurred as a tradeoff with—rather than an addition to—existing remediation efforts. Moving forward, it is critical for application security programs to evolve toward a more comprehensive approach that brings together robust security testing, strategic remediation efforts and contextual education of developers, development operations and security operations personnel.”
Interested in learning more about the findings? Download the report today or click here to check out previous AppSec Stats Flash reports examining the state of application security on a month-by-month basis.