RSAC 2025 – ArmorCode, the leading Application Security Posture Management (ASPM) platform, in partnership with the Purple Book Community (PBC), a community of senior security leaders, today release...
Eighty-four percent recognize the role of the AppSec leader as more important now than ever as organizations face growing challenges of AI-generated code and open source software.
Key Findings Include:
SAN FRANCISCO: RSAC 2025 – ArmorCode, the leading Application Security Posture Management (ASPM) platform, in partnership with the Purple Book Community (PBC), a community of senior security leaders, today released “The Rise of the AppSec Leader.” The new research, which surveyed CISOs and other security leaders, found that ASPM is becoming a strategic investment priority (76 percent), largely due to major increases in AI-generated code, with 92 percent reporting insecure code as a concern. Sixty-five percent believe AI will significantly reshape the AppSec function, making the role of the AppSec leader more important now than ever to protect enterprises rapidly transformed by AI, cloud-native development and rising application threats.
As organizations become digital-first and rapidly adopt generative AI for software development, code is being created faster than ever while adding new security gaps. The research finds that AppSec leaders are growing in importance to solve this challenge by protecting enterprise applications, bridging development and security, guiding secure AI use, and harnessing platforms like ASPM for visibility and independent governance over increasingly fragmented environments.
Key Findings:
Purple Book Community Member Perspectives
“This is a defining moment for AppSec,” said Karthik Swarnam, Chief Security and Trust Officer for ArmorCode and Purple Book Community member. “Applications are now central to how businesses operate and compete. But as development accelerates with AI-generated code, we need stronger governance, deeper collaboration, and leaders who understand both software risk and velocity. That’s where the AppSec leader comes in and why more than 84 percent of survey respondents believe their role is more important now than it was a few years ago.”
“Visibility is always one of the industry’s biggest challenges,” said Mayank Joshi, Head of Cloud Security and GRC at NetApp. “With so many moving parts in modern software development, exacerbated by the fast adoption of AI-generated code, ASPM gives us the clarity we need to prioritize what matters most and connect all the dots.”
“With the rapid technological transformation in engineering and critical infrastructure—such as connected devices, Industry 4.0, and new regulations like the CRA and SOCI Act—product security is also becoming an imperative component of business strategy,” said Jagadish Namboodiri, Director of Global Product Cybersecurity Operations at Wabtec. “Product security is all about embedding cybersecurity into the product lifecycle holistically, right from drawing board till the end of life of the product, while improving the value and resiliency of the product to the customer and the business.”
“Software supply chain threats have emerged as one of the most significant concerns and risks in enterprise application security,” stated Mithun Rajoor, Head of Application and Infrastructure Security at S&P Global. “Application Security Posture Management (ASPM) enables us to comprehensively assess and mitigate these risks across both internal and third-party components, spanning applications, infrastructure, and code. At S&P Global, we are integrating our threat response across these domains to holistically enhance our overall security posture.”
Purple Book Connect at RSAC
The research findings are also being discussed at the Purple Book Community’s PBC Connect Event on Monday, April 28 at RSAC, where notable security leaders are sharing strategies for scaling application security in fast-paced, AI-driven development environments through multiple panel discussions.
Additional Resources:
Research Methodology
ArmorCode surveyed The Purple Book Community of security leaders, including chief information security officers (CISOs), other C-suite executives, application and product security leaders, directors and engineers, developers and more from March-April of 2025.
About ArmorCode
ArmorCode is on a mission to supercharge security teams with a new independent governance approach to reduce risk and burn down critical security technical debt. With its AI-powered ASPM Platform, driven by over 25 billion findings from over 285 ecosystem integrations, ArmorCode delivers a single, unbiased view of your risk across applications, infrastructure, containers, and cloud. ArmorCode unifies and normalizes findings, correlates them with business context and threat intel through adaptive risk scoring, and orchestrates security workflows to empower users to easily remediate issues. ArmorCode delivers unified visibility, AI-enhanced prioritization, remediation and scalable automation for customers so they can realize a complete understanding of risk, respond at scale, and collaborate more effectively.
Enterprises of all sizes, including dozens of Fortune 1000 companies, scale their security effectiveness by more than 10x and maximize their ROI on existing security investments with ArmorCode through managing Application Security Posture, Risk-Based Vulnerability Management, Software Supply Chain Security, DevSecOps, and Risk & Compliance. For more information, visit www.armorcode.com.
About The Purple Book Community
The Purple Book Community (PBC) is a network of over 450 software and cybersecurity leaders on a mission to democratize software security and solve its ever-evolving challenges. Through global virtual and in-person events, member-driven content, diverse initiatives, and publications like The Purple Book of Software Security, the community equips practitioners with the knowledge and tools to adopt secure development practices, mature their security programs, and advance their careers in cyber.
Learn more at www.thepurplebook.club.
Fonte: Business Wire
Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…
G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes
Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries
Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…
Resecurity, a U.S.-based leader in cyber threat intelligence and risk management solutions, is proud to announce its participation in DSEI Japan 2025,…
Generational Group, a leading mergers and acquisitions advisory firm for privately held businesses, is pleased to announce the sale of Elarasys Worldwide,…
The Thiel Foundation has officially unveiled its 2025 class of Thiel Fellows, assembling a group of brilliant young minds from around the world who are…
LICT Corporation (“LICT” or the “Company”; OTC Pink®: LICT) reports financial results for the quarter ended March 31, 2025. Total revenues for the first…