Adopting a DevOps culture is becoming increasingly discussed with a HP Enterprise report recently claiming that 99 per cent of operations professionals agreeing that it can improve application security but unfortunately the report also highlighted that only 20 per cent of respondents test during the development process. But testing is arguably the most important part of Application Security (AppSec) yet how organisations test various significantly from company to company. So how can we understand what’s happening in the marketplace and what we need to do to create more secure applications? In this article, we look at the findings of the SANS State of Application Security report we recently commissioned and discuss the importance of moving testing to a Secure Software Development Life Cycle. Continue reading here.