The Veracode State of Software Security represents the 10th version of the report. Much like the application security industry, the report has evolved over the past 10 years to focus more on fix trends than on finding security defects. Like previous reports, SOSS volume 10 provides insights into the most common types of vulnerabilities, practices that lead to improved fix rates, and industry performance.
The report found that the majority of flaws are remediated (56%) and that companies scanning more often carry about 5X less security debt than the lightest scanners. Why? Because these teams have automated security testing, have made security activities habitual, ensure that security issues stay top of mind, and end up fixing more flaws – suggesting DevSecOps practices improve overall software security.
Read the report to gain valuable perspective on the state of software security today and find more strategies for improving your software security.