BSIMM

BSIMM14 Report: Application Security Automation Soars

Retrieved on: 
Tuesday, December 5, 2023
HCA Healthcare, Oppo, ZoomInfo, ISV, Synopsys, Vivo, Honeywell, Realtek, Navy Federal Credit Union, Navient, Growth, Bank of America, Fintech, Organization, Internet of things, Bank, CIBC, TD Ameritrade, SonicWall, EQ Bank, Automation, Health, ServiceNow, NEC, Johnson & Johnson, Software, Medtronic, Risk, Yahoo! Inc. (2017–present), Insurance, Culture, AARP, Eli Lilly and Company, SNPS, Principal Financial Group, Vanguard, MassMutual, Philosophy, MediaTek, Business Integration Group, Inc., Citigroup, BSIMM, Teradata, Learning, Synchrony Financial, Landis+Gyr, Diebold Nixdorf, NetApp, Mobile phone, Risk management, SBOM, Lenovo, IntraLinks, U.S. Bancorp, Fidelity, Veritas, Finastra

SUNNYVALE, Calif., Dec. 5, 2023 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS) today published BSIMM14, the latest edition of the annual Building Security In Maturity Model (BSIMM) report analyzing the software security practices across 130 organizations, including some of the most advanced companies in cloud, financial services, FinTech, ISV, insurance, IoT, healthcare, and technology industries. The report found that the use of automated security technology is growing rapidly, which in turn is propagating the "shift everywhere" philosophy – performing security tests throughout the entire software development life cycle – across more organizations.

Key Points: 
  • Synopsys Software Integrity Group report highlights how customers embracing automation are improving security processes throughout the software life cycle.
  • This year's findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject matter expert–driven security activities to reduce cost and improve effectiveness.
  • Greater automation has enabled organizations to embrace the shift everywhere philosophy, with automated, event-driven security testing increasing by 200% over the last two years.
  • "Companies are seeing firsthand that eliminating human error with consolidated, integrated security tooling makes security programs more effective and affordable — a compelling combination.