
State of Software Security Volume 10

For the past decade, Veracode’s State of Software Security report has provided the security industry’s clearest picture of software security risk. For Volume 10, we analyzed the data collected from 1.4 million scans, 85,000 applications, and nearly 10 million security findings. The resulting metrics represent the industry’s most comprehensive set of application security benchmarks.


Read the report to gain valuable perspective on the state of software security today and find more strategies for improving your software security.



What will you learn?

Volume 10 of the SOSS revisits the concept of flaw persistence analysis we introduced in Volume 9, but homes in on the accumulating security debt in applications caused by those persistent flaws and long fix timeframes. Take a look at SOSS X, where you’ll get:


• SOSS “Then vs. Now” comparisons

• The overall state of software security today, including flaw prevalence, fix rates, the frequency of application testing, and more

• An understanding of what security debt is, and what factors contribute to it

• A look at the data broken down by industry and region


Use this report to:

• Learn best practices to decrease the time between flaws found and flaws fixed, and to avoid increasing security debt.

• Compare policy compliance data by industry, scan frequency, vulnerability type, and more.

• See what trends are impacting software security, such as DevOps and scanning cadence.