In its 2018 Application Security Statistics Report, WhiteHat Security advocates for organizations to scan their applications for vulnerabilities while they are in production to reduce risks, costs, and complexity in the long run. “We find that organizations that take this approach experience markedly better AppSec outcomes – notably a 50 percent drop in window of exposure, an important metric that represents the amount of time that an application has a serious vulnerability that can be exploited to data breaches,” said Setu Kulkarni, WhiteHat’s vice-president of strategy and business development. Essentially, organizations that scan applications in production have a greatly reduced risk of being breached. WhiteHat cites its own data as well as that from the 2018 Verizon Data Breach Investigations Report (available on the WaterISAC portal), which notes that web applications were the biggest target for data breaches, as indicators that a new, fully integrated approach is needed. Read the report ay WhiteHat Security.