The Great Divide: New Report Finds IT Professionals and Security Professionals at Odds Over Application Security

Is This Divide The Real Root Cause of Breaches?

Major discrepancy found in time spent over updating, tuning and managing backlog of vulnerabilities

The Real Root Causes of Breaches (Graphic: Business Wire)

MENLO PARK, Calif.--()--Prevoty, a leader in runtime application security visibility and protection, today released a new report titled The Real Root Cause of Breaches - Security and IT Pros at Odds Over AppSec, which includes the results of a recent survey of over 1,000 IT and security professionals.

Insights reveal a major divide between IT and security professionals regarding the criticality and frequency of application updates, the amount of time required for tuning existing application security solutions, and the number of backlogged vulnerabilities.

Key findings include:

Application Updates

  • Half of IT professionals update applications only once every one to six months, while 52 percent of security professionals update applications at least once a day, if not multiple times a day.

Tuning Solutions

  • Both IT and security professionals spend significant amounts of time tuning existing application security solutions, in fact, that’s where security professionals spend over 80 percent of their time, and IT professionals almost 40 percent of their time, leaving both groups with little time for other duties.

Vulnerability Backlogs

  • Security professionals report having up to 5,000 vulnerabilities currently backlogged, while IT professionals state they have NO vulnerability backlog.

“Attacks against web applications are rising dramatically, and protecting these applications continues to be a struggle,” said Prevoty CEO and Co-Founder Julien Bellanger. “It’s surprising to discover that so many IT professionals are uninformed about, or under-prioritizing, this phenomenon. Prevoty has been protecting applications against millions of monthly attacks in our three years of production. Bridging the gap between Security and IT professionals is critical to take application security to the next level.”

About Prevoty

Prevoty is dedicated to securing enterprises and the users they serve by monitoring and protecting the applications that are the heart of modern business. By using a LANGSEC-based approach to accurately analyze attacks from inside production applications, Prevoty’s products provide real-time application security intelligence and RASP (Runtime Application Self-Protection). These capabilities enable Global 2000 enterprises to dramatically improve remediation of vulnerabilities, enabling security and development teams to work together more effectively, even with agile release cycles.

Prevoty was founded in 2013 and is headquartered in Menlo Park, California. For more information on the company's application security solutions, go to or follow @Prevoty on Twitter.


104 West Partners For Prevoty
Alissa Bushnell, 415-235-9532

Social Media Profiles


104 West Partners For Prevoty
Alissa Bushnell, 415-235-9532