Security debt, defined as flaws that remain unfixed for longer than a year, exists in 42% of applications and 71% of organizations, according to Veracode. Worryingly, 46% of organizations have persistent, high-severity flaws that constitute ‘critical’ security debt, putting businesses at serious risk in terms of impact on confidentiality, integrity, and availability. According to the report, 63% of applications have flaws in first-party code, while 70% contain flaws in third-party code imported via third-party libraries.
The post 36% of code generated by GitHub CoPilot contains security flaws appeared first on Help Net Security.