
Takeaways From Veracode's State of Software Security Report [Podcast]


This year's Veracode State of Software Security report explored security flaws in Java apps, a lack of fixes for security flaws in general, and the benefits of coaching.


Veracode just published its latest “State of Software Security” report. Based on Veracode Platform data, these “SoSS” reports have been offering a goldmine of intelligence about how organizations are approaching AppSec since 2011, and this year’s report is no different. Evan Schuman recently sat down with Veracode’s Director of Product Management Tim Jarrett to discuss the findings emerging from the latest report and what they reveal about where organizations are succeeding at securing their code and where they are not. For instance, they discuss:

  • Why this year’s report found that a very high percentage (88%) of Java applications had at least one flaw in a component.
  • Why the 2017 report found that, although organizations are wisely going after their most severe vulnerabilities first, we only see a fix rate of 37% for these severe flaws.
  • The fact that remediation coaching improved fix rates by 88%, and why this strategy has such a big impact.

Listen to this discussion to hear more about the 2017 “State of Software Security” report and what the findings reveal about application security today. 


Topics:
security, java security, vulnerabilities, software security

Published at DZone with permission of
