F5 just released a report (in conjunction with the Ponemon Institute) on the state of application security in 2016. The report surveyed security professionals about their approach to protecting applications that are critical to running their businesses and highlights why traditional security methods are no longer effective.

A few interesting data points from the report include:

  • Enterprises are investing in network perimeter (90% of budget), but majority of attacks are aimed at user identity and application (72% of attacks)
  • 57% respondents said lack of visibility in the application layer is preventing strong security
  • 71% of security professionals who have integrated DevOps practices into their application development lifecycles say that they have improved security and enabled them to respond quickly to vulnerabilities

Check out the full report here or a blog post by F5 Chief Information Security Office Mike Convertino where he outlines key takeaways and reflects on what they mean for the IT security space.