State of Software Security Volume 9
What Will You Learn?
Veracode’s State of Software Security report provides the security industry’s clearest picture of software security risk. Over the course of 12 months, we’ve scanned over 2 trillion lines of code - across 700,000 scans - to bring you metrics that represent the industry’s most comprehensive set of application security benchmarks.
Our goal with Volume 9 was to delve deep into the statistics that show how long it takes for different types of vulnerabilities to get fixed, and to understand why certain risks linger for as long as they do.
This year’s report addresses:
- How different variables impact fix velocity
- The persistence of flaws once they’ve been discovered
- Evidence that DevSecOps has the potential to be a very positive influence on the state of software security
Use this report to:
- Learn best practices to decrease the time between flaws found and flaws fixed.
- Compare policy compliance data by industry, scan frequency, vulnerability type, and more.
- See what trends are impacting software security, such as DevOps and open source components.