![\"\"](\"https:\/\/abes.org.br\/wp-content\/uploads\/2021\/08\/Seguran\u00e7a-TI-93472-scaled.jpg\")
<\/p>\n79% from CISOs say ongoing runtime vulnerability management is a key capability to keep up with the increasing complexity of multicloud environments\u00a0<\/i><\/p>\n
Dynatrace, the benchmark in Software Intelligence, announces the results of its latest independent global survey of 1,300 chief information security officers (CISOs) in large organizations. Research reveals that the speed and complexity brought by using multicloud environments, multiple coding languages and open source software libraries are making vulnerability management difficult. The 75% study indicates that CISOs say that despite having a multi-layered security posture, persistent gaps in coverage allow for vulnerabilities in software production.<\/p>\n
<\/p>\n
As a consequence, the research highlights the growing need for observability and security convergence, paving the way for AISecDevOps practices. This will empower organizations with a more effective way to manage runtime vulnerabilities and the ability to detect and block attacks in real time. The report states that observability and security must converge to enable effective vulnerability management.<\/p>\n
The search results include important points such as:<\/p>\n
\u2013<\/strong>\u00a069% from CISOs say vulnerability management has become more difficult as the need to accelerate digital transformation has increased.<\/p>\n \u2013<\/strong>\u00a0More than three-quarters (79%) of CISOs say that automatic and continuous management of vulnerabilities at runtime is critical to filling the gap in capabilities of existing security solutions. However, only 4% of organizations have real-time visibility into runtime vulnerabilities in containerized production environments.<\/p>\n \u2013\u00a0<\/strong>Only 25%'s security teams can access a fully accurate and continuously updated report of every application and code library running in real-time production.<\/p>\n \u201cThese findings underscore that it is always possible for vulnerabilities to go unnoticed by security teams, regardless of how robust their defenses are. Both new applications and stable legacy software are prone to vulnerabilities that are most reliably detected in the production and analysis stages. Log4Shell was the poster child for this issue and there will undoubtedly be other scenarios like this in the future,\u201d says Bernd Greifeneder, Chief Technology Officer at Dynatrace.<\/p>\n The executive also highlights that most organizations still do not have real-time visibility into runtime vulnerabilities. \u201cThe issue stems from the increasing use of cloud-native delivery practices, which enable greater business agility but also introduce new complexity for vulnerability management, attack detection and blocking. The rapid pace of digital transformation means that already overworked teams are bombarded by thousands of security alerts that make it impossible to see through the noise and focus on what matters. Teams find it impossible to manually respond to all alerts and organizations are exposed to unnecessary risk by allowing vulnerabilities to escape into production.\u201d<\/p>\n The report with the CISOs also includes findings such as:<\/p>\n \u2013<\/strong>\u00a0On average, organizations receive 2,027 alerts of potential application security vulnerabilities each month.<\/p>\n \u2013<\/strong>\u00a0Less than a third (32%) of the application security vulnerability alerts organizations receive each day require action, compared to 42% last year.<\/p>\n \u2013<\/strong>\u00a0On average, application security teams waste 28% of their time on vulnerability management tasks that can be automated.<\/p>\n \u201cOrganizations realize that to effectively manage vulnerabilities in the age of the Cloud, security must become a shared responsibility. Convergence between observability and security is critical to giving development, operations, and security teams the context they need to understand how applications are connected, where vulnerabilities are, and what actions need to be prioritized. This accelerates risk management and incident response\u201d, reinforces Greifeneder.<\/p>\n \u201cTo be truly effective, organizations must look for solutions that have AI and automation capabilities at their core, enabling the evolution of AISecDevOps. These solutions empower your teams to quickly identify and prioritize vulnerabilities at runtime, block attacks in real-time, and fix software flaws before they can be exploited. This means teams can stop wasting time in war rooms or chasing false positives and potential vulnerabilities that will never make it to production. Instead, they confidently deliver better, more secure software faster.\u201d<\/p>\n The report is based on a global survey of 1,300 CISOs in large organizations with more than 1,000 employees and was conducted by consultancy Coleman Parkes and commissioned by Dynatrace in April 2022. The sample included 200 respondents in the United States, 100 leaders from each country in the UK, France, Germany, Spain, Italy, Nordic countries, the Middle East, Australia and India, and 50 information security officers from each country in Singapore, Malaysia, Brazil and Mexico.<\/p>","protected":false},"excerpt":{"rendered":" 79% dos CISOs dizem que o gerenciamento cont\u00ednuo de vulnerabilidades em tempo de execu\u00e7\u00e3o \u00e9 um recurso essencial para acompanhar a crescente complexidade dos ambientes Multicloud\u00a0 A\u00a0Dynatrace,\u00a0refer\u00eancia\u00a0em Intelig\u00eancia de Software, anuncia os resultados de sua mais recente pesquisa global independente com 1.300 diretores de seguran\u00e7a da informa\u00e7\u00e3o (CISOs) em organiza\u00e7\u00f5es de grande porte. A pesquisa […]<\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[39,19],"tags":[3101,360,3100,525,2350],"class_list":["post-48103","post","type-post","status-publish","format-standard","hentry","category-coluna-4","category-ultimas-noticias","tag-ciso","tag-multicloud","tag-observalidade","tag-seguranca","tag-vulnerabilidades"],"acf":[],"yoast_head":"\n