State of Software Security Report

State of Software Security Report


The State of Software Security is a semi-annual report that draws on continuously updated information in Veracode’s cloud-based application risk management services platform. Unlike a survey, the data comes from actual code-level analysis of billions of lines of code and thousands of applications.

The resulting security intelligence cannot be found anywhere else. It represents multiple testing methodologies(static binary, dynamic, and manual) on the full spectrum of application types (components, shared libraries, web and non-web applications) and programming languages (including Java, C/C++, .NET, ColdFusion, and PHP) from every part of the software supply chain (Internally Developed, Open Source, Outsourced, Commercial). For those executives, security and development professionals who want to better understand the vulnerabilities that threaten the integrity and performance of software in the software supply chain, this series of reports is essential reading.

In Volume 2 of the State of Software Security there are nearly 1,400 more applications than in the inaugural report, reflecting the growing use of independent, cloud-based application risk management services. As before, the report first examines the security quality of applications by type of supplier in the software supply chain and then explores application security by language, industry, and by application type across both web and non-web applications.

New in Volume 2 are data from third-party assessments, the first inclusion of PHP and ColdFusion applications, a comparison of static binary, dynamic, and manual testing effectiveness, and additional analytics on Financial industry applications.

Veracode, Inc.
28 Feb 2011
28 Feb 2011
36 Page(s)
White Paper
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.