Press release
BSIMM14 Report: Application Security Automation Soars
Synopsys Software Integrity Group report highlights how customers embracing automation are improving security processes throughout the software life cycle.
About this update from Synopsys, Inc.
[{"type":"text","content":"Synopsys Software Integrity Group report highlights how customers embracing automation are improving security processes throughout the software life cycle.\nSUNNYVALE, Calif., Dec. 5, 2023 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today published BSIMM14, the latest edition of the annual Building Security In Maturity Model (BSIMM) report analyzing the software security practices across 130 organizations, including some of the most advanced companies in cloud, financial services, FinTech, ISV, insurance, IoT, healthcare, and technology industries. The report found that the use of automated security technology is growing rapidly, which in turn is propagating the \"shift everywhere\" philosophy – performing security tests throughout the entire software development life cycle – across more organizations.\n\n \n \n \n \n \n \n\n \nAutomation Adoption on the RiseThis year's findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject matter expert–driven security activities to reduce cost and improve effectiveness.\nGreater automation has enabled organizations to embrace the shift everywhere philosophy, with automated, event-driven security testing increasing by 200% over the last two years. Additional notable findings around the power of automation include:\nImproved ease of review: Automation has led to a 68% growth in mandatory code review in the last five years.Enhanced affordability: Recent economic conditions have caused a reduction in expensive, subject matter expert–driven activities that are not easy to automate. Centralized defect reporting and attack lists all decreased in usage by more than 17%.Greater toolchain usage: Organizations are embracing modern toolchain technology that allows security testing in the QA stage to be automated – leading to a 10% growth in several related security activities.\"Everyone has gone all-in on automation across a range of security functions, and that's leading directly to better practices,\" said Jason Schmitt, general manager of the Synopsys Software Integrity Group. \"Companies are seeing firsthand that eliminating human error with consolidated, integrated security tooling makes security programs more effective and affordable — a compelling combination. With cyberattacks on the rise and coming from every angle, automation is...