10 Application Security Testing Resources You Should Master and Share With Your Executive Team in 2017

Application Security Testing Takeaways From 2016

In my current role, I have the pleasure of routinely hearing our clients’ direct feedback regarding the application security issues they face. Across the board, they consistently refer to three main areas of concern:

  • Securing executive buy-in and funding for major IT initiatives;
  • Spending most of their time firefighting everyday IT security issues rather than focusing on establishing a comprehensive risk management program; and
  • Keeping themselves and their teams abreast of rapidly evolving IT security trends.

10 Resources You Should Master and Share in 2017

Below are 10 key resources that will help you combat all three of the concerns outlined above.

1. ‘Five Critical Steps to Selecting an Application Security Provider’

This article offers five convenient and proven steps to help you select an application security testing provider that best fits your organization’s needs.

2. ‘Present These 10 Key Application Security Risk Management Findings to Your Executive Team’

Larry Ponemon recapped findings from the Ponemon Institute’s “State of Application Security Risk Management Report.” The report analyzed feedback from more than 600 IT security executives about application security best practices and challenges.

3. ‘Recently Released Industry Research Study Reveals Triple-Digit ROI for IBM Application Security Solution’

This past summer, Forrester Consulting issued a study, “The Total Economic Impact™ (TEI) of IBM Security AppScan Source,” to assess the economic and business benefits of IBM’s application security testing solutions. The subject of the study was a large, global enterprise that currently utilizes IBM AppScan Source to perform static application security testing (SAST) in its application development environment.

4. ‘Intelligent Finding Analytics: Your Cognitive Computing Application Security Expert’

This article explains how you can reduce noisy SAST findings by up to 99 percent by leveraging application security on cloud.

5. ‘Three Effective Ways to Make Application Security Testing a Successful Part of Your DevOps Program’

Here we outlined three convenient steps you can take to incorporate the latest DevOps best practices into your organization’s application security testing program.

6. ‘What Are the Tools Available to Perform Security Testing on Android Applications?’

This brief Quora response describes tools that can help you perform mobile application security testing. Although the question is focused on Android applications, Application Security on Cloud can also be used to test Apple iOS applications.

7. ‘Are Your Vulnerable Applications Running Scared? IBM Security to the Rescue!’

This entertaining video explains how application security on cloud consulting services can help you to stay a step ahead of potential attackers.

8. ‘Concur Technologies Protects Mission-Critical Applications with IBM Security AppScan’

In this compelling video, Concur Technologies discusses how it uses AppScan to protect its clients’ privileged travel and expense reporting information. You’ll also learn why Concur’s senior application security engineer wanted to give his IBM support contact a big bear hug.

9. Client Case Study: Individual Restaurants

A fascinating case study details how Individual Restaurants successfully leveraged IBM Application Security on Cloud to help protect the mission-critical mobile application that powers its Club Individual customer affinity program.

10. ‘Uncover What’s Inside the Mind of a Hacker’

In this recorded webinar, an IBM ethical hacker encourages developers to “put their hackers’ hats on” to consider potential security vulnerabilities from a cybercriminal’s perspective. He also discusses software defenses that can prevent security flaws from recurring.

Neil Jones

Market Segment Manager for Application Security

Neil currently serves as IBM's world-wide Market Segment Manager for Application Security. He possesses more than 10 years of experience in the IT security space, and has worked in a variety of different roles in the field, including product marketing, sales and even product pricing. He's been a designated Certified Information Systems Security Professional (CISSP) since 2008. In his spare time, he's an avid hiker, traveler and social media fan.