How to Make Application Security Developer-Friendly

Gartner Research
26 April 2024 - ID G00807301 - 8 min read
By Analyst(s): Bestin Samuel, Neha Agarwal, Mary Joy
Gartner, Inc. | G00807301 | Page 1 of 11

Initiatives: Software Engineering Practices; Build a World-Class Software Engineering Organization; Security of Applications and Data; Software Engineering Technologies

Software engineering leaders hold their teams responsible and accountable for security activities, but teams experience friction that impedes secure software delivery. This research highlights two companies using developer-centric approaches to address developer pain points in application security.

Overview

Key Findings

More than half of software engineering teams are responsible for security activities such as remediating vulnerabilities, securing APIs and embedding security controls in software. But software engineering teams experience friction that makes it difficult for them to accomplish security goals.

Security guidelines can be difficult for developers to interpret and apply to their specific context: only 42% of software engineering professionals believe that security requirements are easy for them to understand.

Developers often lack access to security expertise and guidance: nearly half of software engineering professionals report that they struggle to access security expertise when needed.

Recommendations

Software Engineering Teams' Responsibility and Accountability for Security Activities

Application security is a top priority for software engineering leaders as cyberattacks are on the rise. At the same time, software engineering teams are increasingly responsible for a range of security-related activities. Accordi