Public sector organizations are drowning in security debt
Briefly

A recent study by Veracode reveals that public sector organizations take an average of 315 days to fix software vulnerabilities, far surpassing the general average of 252 days. Alarmingly, 78% of these organizations have unresolved flaws for more than a year, with critical vulnerabilities often left unattended. The majority of these issues stem from third-party and open-source code, which poses the greatest risk. As reliance on AI-generated code increases, modernizing security practices and thoroughly analysing open-source dependencies has never been more urgent.
The public sector is experiencing significant delays in addressing software vulnerabilities, with an average of 315 days to fix half of their flaws.
Veracode's study reveals that 78% of public sector organizations have unaddressed flaws for over a year, emphasizing the need for immediate action.
Critical security debt is especially problematic in government systems, stemming primarily from unaddressed vulnerabilities in third-party and open-source software.
As organizations increase the use of AI-generated code, the need for comprehensive open-source analysis becomes crucial to prevent severe security issues.
Read at IT Pro