|Security Flaws The Effects of Time and Language|
|Written by Sue Gee|
|Wednesday, 22 February 2023|
Introducing the State of Software Security 2023 Report on the Veracode blog, Natalie Tischler reveals that the first takeaway from the analysis is about the accumulation of security flaws over time. By the time they move into production, nearly one-third of all applications have flaws. Irrespective of their original size, applications grow by about 40 percent year-on-year, and so does the incidence of flaws. Nearly 70 percent of applications contain at least one flaw by the time they have been in production for five years, and by the time applications are 10 years old, only 10% are free of security flaws.
Looking at flaw prevalence in the latest scan over the past twelve months, over 74% of applications contain at least one flaw.
Regarding flaws defined in the OWASP Top 10, a list of the 10 most common application vulnerabilities from the Open Web Application Security Project, 70% of applications are affected. In addition, over 56% have at least one flaw included in the CWE Top 25. However, fewer than 20% have High Severity flaws, which is a drop from the 24% when we reported on Veracode's findings two years ago.
This year's report includes a "rolling view" of the evolution of flaws, which shows that things are improving, as every measurement trends downwards over the last six years.
Veracode State of Software Security 2023 Report
|Last Updated ( Wednesday, 22 February 2023 )|