Attacks targeting the application layer are on the rise.
Standards and legislation provide incomplete security coverage:
- 61% of applications had at least one Critical and High Issue NOT covered by OWASP Top 10.
- This up 12% YOY, from 49% to 61%.
Open source code has blind spots:
- Among the top movers in applications with vulnerabilities mapped to the OWASP TOP 10: A9 “Using Components with Known Vulnerabilities” had a significant 16% increase.
- 87% of the applications tested inherit a critical severity vulnerability from referenced components—up by 22% since 2017.
Download this report today to learn more about the pulse of AppSec from the Micro Focus Fortify Software Security Research team.