How do vendor security reviews influence technology purchases?
None, we don't perform vendor security reviews7%
Very little, our vendor reviews are mostly a box-checking exercises37%
Sometimes vendor security reviews delay purchases but they don't change outcomes29%
Vendor security reviews break ties between equal vendors15%
Vendor reviews make security a key buying criteria11%
291 PARTICIPANTS
We have an App Sec and Architecture review as an integral part of Vendor evaluation. This allows us to categorize vendor based on security score and also keep technical debt very low