"Apps Gain More Security Flaws as They Get Older"

A recent report from the security testing company Veracode reveals that while 32 percent of applications have vulnerabilities during the initial scan, nearly 70 percent contain at least one security flaw after five years in production. The report proposes that teams prioritize remediation early in the software development lifecycle to reduce the risks associated with flaw accumulation. After the first scan, apps enter a "honeymoon period" of stability, with over 80 percent having no new vulnerabilities in the first 1.5 years. However, when this period ends, the number of newly introduced vulnerabilities begins to increase to around 35 percent by the end of five years. By the time software reaches the 10-year mark, there is a 90 percent likelihood that it contains at least one vulnerability. Additionally, the research team at Veracode analyzed 30,000 open-source repositories hosted publicly on GitHub, finding that 10 percent of repositories had not seen a source code update in nearly six years. This article continues to discuss key findings from Veracode's report on the state of software security.

BetaNews reports "Apps Gain More Security Flaws as They Get Older"