March 1, 2018 | by Aquion
Veracode’s annual State of Security report makes several improvements over previous years by adding contextual survey data to better understand customer statistics. The report offers in-depth analysis of Veracode application scanning data to identify trends in vulnerability types, policy compliance, development practices, and more, across multiple industries.
The report indicates that 77% of applications present vulnerabilities, with less than a third of applications passing Open Web Application Security Project (OWASP) policies. This is not to blame AppSec solutions, as many of these customers did not implement AppSec at all. Customers who did deploy even minor AppSec enjoyed increased OWASP pass rates.
Information leakage has again been crowned the leading vulnerability issue, affecting 66% of applications. The recently executed Australian Data Breach Notification makes these vulnerabilities a pressing concern. Additionally, with only 14% of high severity flaws fixed in 30 days or less, removing vulnerabilities in the initial development phase has gained further importance.
Despite increased security awareness amongst the developer community, there are statistically no correlating improvements to AppSec. Unfortunately, this indicates a low adoption of AppSec best practices, which presents significant vulnerabilities and costs to organisations involved with app development. This further highlights the importance of AppSec to ensure best practices are being executed.
Aquion understands AppSec and the benefits it can bring to organisations. With application development driving internal change and handling increased amounts of critical data, it is imperative for organisations to implement effective AppSec solutions. If organisations are going to take control of software vulnerabilities, they’re going to need to monitor the entire software lifecycle, and quickly.
Use the Veracode State of Security Report 2017 to identify business risks, and contact us to implement security best practices.