Responsibility for securing enterprise applications has been moving down the development lifecycle, and for good reason. It not only makes the enterprise more secure, but also saves companies time and money. For example, the average time to fix a vulnerability in IBM's application security solution has dropped from 20 hours to 30 minutes, according to a study Forrester Consulting released last month. Also, finding bugs earlier rather than later in the development process resulted in a 90 percent cost savings.