An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of vulnerabilities than organizations not using code scanning tools, while continuous training greatly improved code security for over 60% of organizations that adopted it. Researchers also found that as many as 70% of organizations are missing critical security steps in their software development lifecycle (SDLC), highlighting a struggle with a ‘shift-left’ approach.
Read full article on Help Net Security