The IBM acquisition of Watchfire Corporation makes IBM the first core application lifecycle vendor to demonstrate its willingness and commitment to solve the problem of application security. This is a win/win acquisition for customers as well as the application security market. This acquisition cements the role of application security and compliance in the well defined lifecycle.
Application security is an issue practitioners have chosen to defer to the operations group. The rationale is multi-faceted and includes issues such as: lack of skills, lack of time, and lack of support by upper management. In this Market Commentary, we examine the six truisms that must occur to make the practice of application security a reality.