Growing the AppSec Industry


In 2017, the AppSec industry is worth only $1B - $1.5B of an $81B market (growing ~15%).

If AppSec is really the key to solve the ‘security problem’ we face today, and will face more often in the future, we will need significantly more investment and focus in AppSec solutions (people, processes and technology).

This Working Session will consider the size and potential of the AppSec market, and what can be done to help its development.


  • Why is the AppSec market so small?
  • What can be done to increase it?
  • What is the role of OWASP in increasing this market, and what should the OWASP community focus on?
  • Is the market size a reflection that currently the number of ‘damaging’ attacks is still (relatively) small and that companies can safely afford not to invest in AppSec?
  • What is the role of Open Source tools in the AppSec market?
  • Are patents and ‘technology lock’ good or bad for the industry?


Related Working Session(s)

Back to list of all Working Sessions and Tracks

Edit this page here