TechTarget recently ran an interview with "Web Application Security" author Andrew Hoffman, who explained the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers.

A recent Ponemon study found that 71% of IT professionals prefer to use best-of-breed security solutions rather than get all of their security tools from a single vendor.  This finding is especially important in the light of recent security architectures, especially SASE and Zero Trust.  

An ESG report on Modern Application Development Security released in August of 2020 found that 60 percent of organizations had experienced an attack on an OWASP Top 10 vulnerability in the prior 12 months.

A report from Acunetix, The Invicti AppSec Indicator, Spring 2021 Edition: Acunetix Web Vulnerability Report, came out with the conclusion that Web Application Security was a victim of the on-going COVID-19 pandemic. 

A new report, the Hiscox Cyber Readiness Report 2021, surveyed over 6,000 companies in the U.S. and Europe and found that the number of businesses targeted by cyber criminals in the past year increased from 38% to 43%, with over a quarter of those targeted (28%) experiencing five attacks or more, 

A new report from Synopsys examined audit data from 1,500 + commercial codebases to examine how organizations are using open source code.  The past year with the COVID pandemic saw a significant increase from last year's report, with the number of open source vulnerabilities in codebases increasing from 75% to 84%.

Cymatic  released new survey results from C-suite and VP-level executives in IT and cybersecurity detailing the state of web application security. The survey included some troubling results, including the finding that 75 percent of IT leaders lacked confidence in their web application security. 

Security magazine recently reported on  WhiteHat Security's AppSec Stats Flash Volume 3, the latest installment of the company’s monthly report and podcast reflecting on the current state of application security and the wider cyber threat landscape.  One of the key findings was that over 40% of applications are actively leaking information and are at risk of exposing sensitive data.

ZDNet recently wrote about some new statistics from the annual Cyber Security Breaches Survey from the Department for Digital, Culture, Media and Sport (DCMS), including the surprising statistic that 1/3 of organizations take no action after a cyber attack.