Security News > 2021 > April > Most applications today are deployed with vulnerabilities, and many are never patched
Before we talk about what can be done, how do we change this, fix this, how vulnerable are we? With security being left out of the equation oftentimes when it comes to software, where are we seeing that we are vulnerable?
Sixty percent of the vulnerabilities we find were never fixed.
Security to the extent that it asks that business to slow down so that security can somehow help make the business more secure, are we surprised that security always gets left behind? We shouldn't be.
The notion that in order to just continue to produce software with all its vulnerabilities we deployed in production and then hope that the deployed solutions, such as firewalls and antivirus, would somehow magically protect this application is fundamentally wrong.
In the last five years, whether it was Capital One, whether it was Equifax, and so many other software companies that get breached.
If you're a developer, software development, and I'm in application security, every time you write software, instead of me coming to you after the fact, I've already put down my requirements as rules in your software development practice.