Skip to main content

Half of All Companies Do Not Have Adequate Visibility Into Application Security Even As Threat Severity Expected to Rise 

San Francisco, CA – May 9, 2018 – Arxan Technologies, the trusted provider of application protection solutions, announced today the results of the 2018 Global Study on Application Security, conducted by the Ponemon Institute. The study surveyed nearly 1,400 IT and IT security practitioners in the United States, European Union and Asia-Pacific to understand the risk applications pose to businesses when running in unsecured environments and how they are addressing this risk.

The results indicated a predominant global issue: application breaches are rising and so are the security risks of running business critical apps in zero-trust environments. However, companies are not adequately investing in application security measures until after breaches occur, resulting in loss of productivity, customer trust and revenue.

“This is a big deal, it’s not pocket change. The average data breach costs almost $4 million when you include lost customers, the impact to operations, and your insurance costs going up ,” says Rusty Carter, vice president of product management, Arxan. “Companies have to change the way they think about investing in app security because threats are only getting worse.”

Risk of Application Breaches Is Real

The study shows that nearly 75 percent of organizations likely, most likely or definitely experienced a material cyber-attack or data breach within the last year due to a compromised application. Sixty-four percent of respondents say they are either very concerned or concerned that they will be hacked through an application. Additionally, 54 percent expect the severity of threats to increase in 2018.

Most Organizations Still Don’t Invest Adequately in App Security

Only 25 percent of respondents say their organization is making a significant investment in solutions to prevent application attacks despite awareness of the negative impact of malicious activity (decreased productivity, decline in revenues, lost customers). Almost half of the business management team (48 percent) believes that app performance and speed are more important than security, whereas 56 percent of IT management ranked performance and security as equally important. A startling 65 percent of companies say they would be spurred to increase application protection measures only after an end user or customer were negatively affected.

“It’s disturbing that so many companies acknowledge the increasing risk of application attacks, yet they are doing very little to prevent breaches from occurring,” says Joe Sander, CEO, Arxan. “It’s backward thinking, and it puts customers at significant risk. It’s crucial to place security investments where attacks are happening.”

App Threat Analytics Enable Proactive Security Posture

The majority (79 percent) of survey respondents agreed the ability to detect application attacks “in the wild” is very important. And nearly half of the survey’s respondents say they would update their application protection solution as frequently as hourly or daily if they had visibility into specific types of attacks being waged against their apps.

Arxan’s newly released Threat Analytics service provides this visibility.   It allows business owners to see who, how and from where applications are being attacked – while attacks are in progress – and rapidly deploy proactive countermeasures before an attack is completed or becomes widespread. Arxan’s Threat Analytics service is integral to the company’s multi-layered application protection, unparalleled threat intelligence offerings and enterprise customer success, delivering the industry’s most comprehensive application protection solutions for the enterprise.

“The ability to know how app attacks are being executed as they unfold reduces the window of opportunity for attackers,” says Sander. “That real-time intelligence lets businesses respond with direct countermeasures to stay ahead of threats, and can help validate the need for increased AppSec investment before it’s too late.”

To read the complete survey findings, visit

About Arxan Technologies

Arxan, a global trusted leader providing the industry’s most comprehensive application protection solutions, works with organizations looking to protect applications and to securely deploy and manage business-critical apps to the extended enterprise. Arxan currently protects more than one billion application instances across many industries including financial services, mobile payments, healthcare, automotive, gaming, and entertainment. Unlike legacy security providers that rely on perimeter-based barriers to keep bad actors out or that require device management controls, Arxan products protect at the application-level from the inside out. This approach protects the source and binary code to expand the corporate perimeter of trust. Arxan provides a broad range of patented security capabilities such as a dynamic app policy engine, code hardening, obfuscation, white-box cryptography and encryption, and threat analytics. Founded in 2001, Arxan is headquartered in North America with global offices in EMEA and APAC. For more information, please visit or follow @Arxan on Twitter.