Organizations knowingly ship vulnerable code despite using AppSec tools

2020-08-12 04:30

Nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools, according to Veracode.

The research sheds light on how AppSec practices and tools are intersecting with emerging development methods and creating new priorities such as reducing open source risk and API testing.

Developers' lack of knowledge on how to mitigate issues is the biggest AppSec challenge - 53% of organizations only provide security training for developers once a year or less.

43% of companies report that they have between 11-20 AppSec tools in use, while 22% said they use between 21-50.

Using analytics to track progress of AppSec programs and to provide data to management.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/vztT36EwoQQ/

#appsec #tools