Cloud App Security Survey

Question Title

* 1. What is your role? (Select one response)

Developer

Technical/Engineering Director

Application Security Specialist

Platform Engineer

Site Reliability Engineer

Security Architect or Engineer

Security Operator

Other (please specify)

Question Title

* 2. What is the size of your business or organization? (Select one response)

Very small organization <250 employees

Small organization 251-1,000 employees

Medium-sized organization 1,001-10,000 employees

Large organization 10,001-50,000 employees

Enterprise >50,000 employees

Question Title

* 3. Which industry does your organization serve? (Select one response)

Financial Services

Game

Healthcare and Life Sciences

iGaming and Sports Betting

Media and Entertainment

Network Operator

Public Sector

Publishing

Retail, Travel and Hospitality

SaaS

Defense and Intelligence Solutions

Other (please specify)

Question Title

* 4. Who in your organization has primary responsibility for cloud application security? (Select one response)

An internal team focused solely on application security

A security lead on the development team(s)

Individual application developers

No named individual or team

External third-party or service provider

Don’t know

Question Title

* 5. In your opinion, who in your organization should have primary responsibility for cloud application security? (Select one response)

An internal team focused solely on application security

A security lead on the development team(s)

Individual application developers

No named individual or team

External third-party or service provider

Don’t know

Question Title

* 6. In your opinion, what are the biggest challenges your organization faces in cloud application security? (Rank the responses in order, with the biggest first)

Prioritizing application vulnerabilities, including OWASP API top vulnerabilities
Insufficient application security budget
Lack of in-house specialized skills in application security
Integrating security into the development lifecycle
The continuing proliferation of APIs
Lack of full visibility into application security due to the use of disparate security tools

Question Title

* 7. What, in your opinion, would be the best way to resolve these challenges with cloud application security? (Rank the responses in order, with the best way first)

Hire more security professionals
Hire more application developers
Create security-specific roles on the application development team
Lean more heavily on our cloud infrastructure provider/s for security tools
Purchase additional dedicated application security software
Provide current developers with more application security training

Question Title

* 8. Which of the following security technologies or services do you currently use? (Select all responses that apply)

Web application firewall (WAF)

Bot visibility and mitigation

DDoS protection

API discovery

Malware protection

Web security analytics

Other (please specify)

Question Title

* 9. In what way does security impact your decision to develop applications in the cloud? (Choose one response)

Application security is our highest priority in any cloud architecture decision

Application security is an important consideration in any cloud architecture decision

Application security is one consideration of many in any cloud architecture decision

Don’t know

Question Title

* 10. Which types of cloud workloads most concern you from an application security perspective? (Select one response)

IaaS

PaaS

SaaS

Question Title

* 11. What is the number one reason for your concern about cloud workloads and application security? (Select one response)

The possibility of data breaches

The misconfiguration of cloud resources

The impact of API vulnerabilities

A shift to a more distributed cloud architecture

Potential insider threats to exploit data in workloads

Actions by external malicious actors

Ensure apps run securely and deliver quality experiences

Shared infrastructure across public clouds with third parties

Question Title

* 12. In your opinion, what is the best way to secure applications in the cloud? (Rank the responses in order, with the best way first)

Standardize and formalize our approach to cloud application security
Establish a cloud application security center of excellence
Adopt more third-party cloud-specific application security tools
Rely on the judgment and knowledge of individual application developers
Outsource more of our cloud application security to third-party experts

Question Title

* 13. How concerned are you about cloud application security as a potential attack surface in the next year? (Select one response)

Very concerned

Concerned

Unconcerned

Don’t know

Question Title

* 14. How confident are you that your API inventory is complete? (Select one response)

Very confident

Confident

Not confident

Don’t know

Question Title

* 15. How many APIs is your organization using? (Use the sliding bar below to indicate the approximate number)

Dont Know

Up to 100,000 APIs

Question Title

* 16. What has happened to the number of APIs that your organization uses over the past 12 months? (Use the sliding bar below to describe how your APIs have increased, stayed the same, or decreased over the last 12 months)

Dont Know (-100%)

100%