How often do developers push vulnerable code?
2022-04-06 04:30

A Tromzo report reveals developers remediate only 32% of vulnerabilities and regularly push vulnerable code.

"These findings show that developers regularly ignore security issues, but can we really blame them?" said Tromzo CTO Harshit Chitalia.

"If we want developers to truly implement security, we must make it easy for them. This means integrating contextual and automated security checks into the SDLC so we can transition from security gates to security guardrails."

Developers and the vulnerable code

42% of developers push vulnerable code once per month.

When a developer knowingly publishes code they believe to be vulnerable, it is clear that they think it is not their responsibility to fix the code before it is pushed or other organizational pressures deprioritize security.

Reducing security noise will allow developers to address security issues confidently.


News URL

https://www.helpnetsecurity.com/2022/04/06/developers-push-vulnerable-code/