in , ,

Veracode Report Looks at State of Software Security in Public Sector

Veracode Report Looks at State of Software Security in Public Sector - top government contractors - best government contracting event
Software security

A new Veracode study shows that 82 percent of applications in the public sector exhibit security flaws and that 60 percent of vulnerable third-party libraries in the sector remain unresolved after two years.

Veracode said Tuesday it analyzed data gathered from 20 million scans across half a million applications for the annual State of Software Security report and found that the public sector has an overall fix rate of 22 percent.

“Organizations in this sector must act with urgency,” said Chris Eng, chief research officer at Veracode. 

They can improve their secure DevOps practices significantly by using multiple types of scanning—static, dynamic, and software composition analysis—to get a more complete picture of an application’s security, which in turn will help them to improve remediation times, comply with industry regulations, and make the case for increasing application security budgets,” added Eng.

According to the study, the public sector showed progress when it comes to fixing high severity flaws, which was observed in only 16 percent of the sector’s applications. There was also a 30 percent drop in the number of high severity flaws, reflecting government agencies’ understanding of guidelines on software security as outlined in the cybersecurity executive order.

We think that the progress made against high security flaws is a great starting point and support all public sector agencies who seek to gain better control over their software supply chains,” Eng said.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

Lockheed Tests PAC-3 Missile Interceptor's Performance With Army's THAAD Defense Platform - top government contractors - best government contracting event
Lockheed Tests PAC-3 Missile Interceptor’s Performance With Army’s THAAD Defense Platform
SpiderOak, Lockheed Seek to Secure Space Data via Cybersecurity Tech Partnership - top government contractors - best government contracting event
SpiderOak, Lockheed Seek to Secure Space Data via Cybersecurity Tech Partnership