How do vendor security reviews influence technology purchases?
None, we don't perform vendor security reviews6%
Very little, our vendor reviews are mostly a box-checking exercises37%
Sometimes vendor security reviews delay purchases but they don't change outcomes30%
Vendor security reviews break ties between equal vendors14%
Vendor reviews make security a key buying criteria11%
290 PARTICIPANTS
We have an App Sec and Architecture review as an integral part of Vendor evaluation. This allows us to categorize vendor based on security score and also keep technical debt very low