What is the State of Software Security in These Crazy Times?

ZeroNorth Platform

Publish Date

Apr 23, 2020

Written by

John Worrall

Tagged with

  • Software Security

Right now, the cyber world is thick with COVID-19-related sales pitches. Many are spot on, like multi-factor authentication, while others stretch the boundaries of credibility.

What about us? Is there something about the problem we are solving, about software security, that makes it more of an imperative than it was three months ago? Is it possible our mission is more critical now than ever before? The answer is, yes and no.

Let’s start with “no.”

Our work as the first providers of risk-based vulnerability orchestration has always been critical. And a global pandemic doesn’t change that. Few things on the CISO to-do list should be more important than finding, prioritizing and quickly remediating known vulnerabilities in applications and infrastructure.

Zero-day attacks make good copy and even better cocktail conversation. But the vast majority of cyberattacks don’t use them. Less than 10%, according to most of what you read. Less than 1%, according to people who know what they’re talking about. The other 99%? They exploit known vulnerabilities, which is why organizations need to focus on the basics of proactive software security now, just as they did a few months ago. Nothing has changed.

The second and equally important fact to consider is this: digital transformation is reshaping business and consumer behavior. Applications are spreading like wildfire. Software is proliferating, and it’s arguably the fastest-growing attack surface around the globe. As organizations continue to deliver innovation through software, they must make it secure. It has to be trusted. This is true now, just as it was three months ago.

Has the pandemic made our work more critical than ever? Perhaps not, but nothing has made it less significant, either. Software security is a must. It’s not an option in any environment. Nothing about the pandemic has made delivering trusted software less critical.

And on the “yes” side of the argument…

Our approach to solving the vulnerability challenge remains unique and compelling. ZeroNorth can deliver better vulnerability discovery, prioritization and targeted remediation than anyone else. Anyone.

Great discovery means implementing multiple scanning tools to “see the whole elephant.” It means simplifying the tool on-boarding process and automating and orchestrating the execution of scans. It means linking vulnerabilities to potential business impact. It means compressing results into “units of developer work” that provide the information needed to make smart decisions on how to address vulnerabilities. And it means enabling organizations to do this quickly and with fewer resources.

In some ways, nothing has changed.

I will never make the argument that the pandemic has created a greater need for our solution; it’s always been a critical need. It was before, it is now and it will be in the future. Nothing here has changed. What has changed is, ZeroNorth has a new, innovative approach that provides our customers with a truly “better, faster, cheaper” solution, which is precisely what companies are looking for, especially now. This is our unique advantage.

Stay safe. Stay healthy. Family first.

eBooks & Research Reports

Research Report: The Journey to True DevSecOps

Many questions emerge as the topic of DevSecOps is volleyed about. First, confusion exists in terms of understanding what it actually means to get to true ...

Read Now


Application Security: Bridging the Gap Between DevOps and Security Teams

When AppSec and DevOps teams aren’t aligned on how to deliver secure software, fast, organizations are at risk. This video discusses how to tackle this challenge ...

Watch Now

Related Articles

ZN Logo for Blog


ZeroNorth Appoints Bruce McPherson as Vice President of Engineering

By ZeroNorth Jul 19, 2021

There are a number of paths companies may take on the journey to true DevSecOps. Regardless the route, one constant holds true: the need for a ...

Read More


On the Importance of Juneteenth

By ZeroNorth Jun 18, 2021

This Saturday, June 19th—otherwise known as “Juneteenth”—marks an auspicious day dedicated to African American history and the official end of slavery in the US. Symbolically, it ...

Read More

The ZeroNorth DevSecOps platform offers options for your DevSecOps journey—getting started with AppSec, finding enterprise visibility or fully integrating security into DevOps.