Limited automation and ineffectiveness are two problems facing the application security testing market.
As we wrote about previously, tooling does not address a majority of the security tests being conducted. The Cybersecurity Insiders 2018 Application Security Report provides more details, showing that only 43 percent of information security professionals’ organizations have automated security testing in their software release lifecycle. Although most organizations have some DevOps processes in place, in reality, automated security testing is not deployed in a majority of CI/CD pipelines. Furthermore, even among organizations that have automated testing, the number of tests that are automated are still limited.
The complete article can be found here.
