App Vulnerability Scanning, Penetration Testing Realize ROIs, Study Shows
Aberdeen Group found that application vulnerability scanning and penetration testing technologies are strong differentiators of top performance
October 21, 2010
PRESS RELEASE
BOSTON, MA, Oct 19, 2010 (MARKETWIRE via COMTEX) -- In the second of a four-part series of research on application security, Aberdeen Group, a Harte-Hanks Company /quotes/comstock/13*!hhs/quotes/nls/hhs (HHS 13.12, +0.51, +4.04%) found that application vulnerability scanning and penetration testing technologies are strong differentiators of top performance. Both are 50% to 70% more likely to be used by the leading performers than by the lagging performers in the study, and in general these technologies are viewed as the cornerstones of ongoing application security assurance.
Aberdeen's analysis of companies adopting the find and fix strategy -- i.e., the use of application vulnerability scanning and penetration testing solutions to identify the security vulnerabilities in the applications currently in production, to be addressed subsequently by the application developers -- found that they realized a very strong 3.1-times return on their annual application security investments. Particularly in the context of achieving, sustaining and demonstrating PCI compliance, the use of application vulnerability scanning and penetration testing solutions are seen to be strong differentiators of the companies achieving top results.
"The good news: companies adopting the 'find and fix' strategy for application security realized a very strong return on their annual investments," commented Derek E. Brink, vice president and research fellow for IT Security, Aberdeen Group. "Given that the average total cost of remediating an actual application security-related incident is so high, however, Aberdeen's research shows that successful prevention still outweighs the undeniable benefits of proactive inspection and detection."
To obtain a complimentary copy of the Application Scanning and Penetration Testing: Find and Fix (Later) report, visit: http://www.aberdeen.com/link/sponsor.asp?spid=30410182&cid=6740&camp=2.
A complimentary copy of the Securing Your Applications: Three Ways to Play report is available at: www.aberdeen.com/aberdeen-library/6580/RA-web-application-security.aspx.
To take a complimentary, easy-to-use interactive assessment that can help you to identify the strategies, capabilities, and technologies used by companies with top performance in the area of application security, visit: http://assessment.aberdeen.com/cY1MyjqbaO/index.aspx.
For additional access to complimentary Information Technology research, please visit http://research.aberdeen.com/index.php/-information-technology
To view complimentary 30-minute webcasts highlighting findings from this and other Aberdeen IT Security research, visit www.brighttalk.com/channel/290.
About Aberdeen Group, a Harte-Hanks Company
Aberdeen provides fact-based research and market intelligence that delivers demonstrable results. Having queried more than 30,000 companies in the past two years, Aberdeen is positioned to educate users to action: driving market awareness, creating demand, enabling sales, and delivering meaningful return-on-investment analysis. As the trusted advisor to the global technology markets, corporations turn to Aberdeen for insights that drive decisions.
As a Harte-Hanks Company, Aberdeen plays a key role of putting content in context for the global direct and targeted marketing company. Aberdeen's analytical and independent view of the "customer optimization" process of Harte-Hanks (Information - Opportunity - Insight - Engagement - Interaction) extends the client value and accentuates the strategic role Harte-Hanks brings to the market. For additional information, visit Aberdeen or call (617) 854-5200, or to learn more about Harte-Hanks, call (800) 456-9748.
Read more about:
2010You May Also Like