Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎04-02-2020 08:25 PM
‎04-02-2020 08:25 PM

State of Software Security Report

Earth shattering news from Veracode today in its State Software Security Report Volume 10: Apps are insecure!

 

  • 83 percent of applications have at least one flaw in their initial scan
  • 68 percent of developers say their organizations don't provide training in application security
  • Newly found security flaws are prioritized over older flaws

The bottom line: application security debt is piling up! Do your part to reduce technical debt, sponsor a bug fixit week for your organization. Make your next sprint security focused.

Reply
1 Reply
CISOScott
Community Champion
‎04-03-2020 07:54 AM
‎04-03-2020 07:54 AM

Also look to provide app scanning as part of your vulnerability management process.

Institute measures to offer app scanning at multiple points in the process, In Development, Pre-production, and Post-Production. Create a process where developers can ask for ad-hoc/on demand scans. Look to add value to your security department by providing a service that helps both departments.

 

Too often I see a vulnerability management program that only does vulnerability scanning on endpoints or servers but forgets to include applications or farms it out to a third-party once every three or more years. 

Reply
0 Kudos