State of Software Security Report
Volume 5

For the past 5 years, Veracode has examined trends associated with exploitable vulnerabilities in enterprise applications.

Download the Report


OR
  •  

TOPICS COVERED:


This report draws on continuously updated information from Veracode’s cloud-based platform, representing a wide range of:

  • Application types (web, mobile, non-web)
  • Programming languages (Java, C/C++, .NET, PHP, ColdFusion)
  • Security testing methodologies (static binary, dynamic and manual).

WHAT YOU WILL LEARN:


Based on tens of thousands of applications assessed by Veracode's cloud-based platform, this report describes key findings such as:

  • 87% of web applications fail the OWASP Top 10
  • 69% of non-web applications fail the CVE/SANS Top 25
  • Information leakage and encryption issues are among the top vulnerabilities found for mobile apps (Android, iOS, Blackberry)