A study by Legit Security highlights severe vulnerabilities in enterprise software development, revealing that all organizations have high or critical security risks. Key issues include secrets exposure and pipeline misconfigurations affecting 89% of companies. The study also underscores the dangers posed by generative AI in coding practices. Recommendations focus on enhancing secrets management, strengthening AI security controls, and improving access management to mitigate these vulnerabilities.
Implement comprehensive secrets management by avoiding committing secrets to Git repositories, using password managers, and encrypting necessary repository secrets.
The study found that 78% of organizations have duplicate Software Composition Analysis (SCA) scanners, leading to redundant or contradictory security findings.