"Organizations Knowingly Ship Vulnerable Code Despite Using AppSec tools"
Researchers at Veracode, while conducting a survey, found that nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools. Among the top reasons cited by the organizations for pushing vulnerable code, were pressure to meet release deadlines (54%) and finding vulnerabilities too late in the software development lifecycle (45%). The respondents said that the lack of developer knowledge to mitigate issues and lack of integration between AppSec tools were two of the top challenges the respondents face when implementing DevSecOps.
Help Net Security reports: "Organizations Knowingly Ship Vulnerable Code Despite Using AppSec tools"
Submitted by Anonymous
on