Takeaways From Veracode's State of Software Security Report [Podcast]

This year's Veracode State of Software Security report explored security flaws in Java apps, a lack of fixes for security flaws in general, and the benefits of coaching.

Suzanne Ciccone · Oct. 23, 17 · Security Zone · Presentation

Veracode just published its latest “State of Software Security” report. Based on Veracode Platform data, these “SoSS” reports have offered a goldmine of intelligence about how organizations approach AppSec since 2011, and this year’s report is no different. Evan Schuman recently sat down with Veracode’s Director of Product Management, Tim Jarrett, to discuss the findings emerging from the latest report and what they reveal about where organizations are seeing success securing their code, and where they’re not. For instance, they discuss:

  • Why this year’s report found that a very high percentage (88%) of Java applications had at least one flaw in a component.
  • Why the 2017 report found that, although organizations are wisely going after their most severe vulnerabilities first, we only see a fix rate of 37% for these severe flaws.
  • The fact that remediation coaching improved fix rates by 88%, and why this strategy has such a big impact.

Listen to this discussion to hear more about the 2017 “State of Software Security” report and what the findings reveal about application security today. 

Published at DZone with permission of Suzanne Ciccone. See the original article here.
