Software security top priority for enterprises 9 March, 2010 By Mark Cox

PromoPipeline Exclusive Channel Promotions Find Out How You Can Make Money Today! ENROLL FREE! >> Channel Planning Before Its Time William Vanderbilt - Innovative Learning Channels Factory Direct Should Not be Cheaper William Vanderbilt - Innovative Learning Channels Cloud Ecosystem II: A Candid Conversation with Oracle Beth Vanni - Amazon Consulting Cloud Ecosystem: A Candid Conversation with Rackspace Hosting Beth Vanni - Amazon Consulting Channel Manager Compensation William Vanderbilt - Innovative Learning Channels

According to survey results, 74 percent of respondents say their organizations have placed a high priority on software security and have active software security programs in place, while less than a quarter of respondents stated that software security was not on their radar. The remaining respondents were utilizing the RSA show to learn more about the solutions they could employ in the future.

Fortify's straw poll also revealed that the majority of respondents believe that the software and applications in their company are likely to have exploitable vulnerabilities and that they assume their organizations were under attack at least once a day, if not more.

"It's very encouraging to see that software security is top of mind for today's enterprises," commented Barmak Meftah, Fortify's Chief Products Officer. "As we've seen over the last few years, some of the biggest data breaches have been a result of attacks at the software layer. Enterprises are constantly under attack by data thieves hoping to capitalize on weaknesses in code. Awareness of this risk is critical to tackling the problem of insecure applications."

Most respondents noted that their companies were deploying a combination of technologies to address vulnerabilities in software, including code analysis, application scanning, penetration testing and web application firewalls, with the majority of respondents noting that penetration testing and application scanning were the prevalent solution in their organization.

"We find that most enterprises have deployed solutions to discover security weaknesses in their code and assess their level of risk exposure," continued Meftah. "As companies mature their software security programs, the next step is prioritizing those security concerns and putting in place the appropriate processes and technologies for remediating, and eventually preventing, those vulnerabilities."

In wrapping up the poll, Fortify questioned attendees on their personal experience with hacking. The majority of respondents, roughly 88 percent, stated that they had hacked in the past. A handful of those who had attempted hacking admitted it was for "fun" or "curiosity," while most stated that their experience with hacking was "work-related" or "white hat" hacking.