Organizations build 'security debt' by focusing on new flaws

A focus on fixing new issues while neglecting ageing flaws leads to increasing security debt according to a new report. The study -- the 10th such report from security testing specialist Veracode -- analyzed more than 85,000 applications across more than 2,300 companies worldwide and finds that fixing vulnerabilities has become just as much a part of the development process as improving functionality. "Over the past 10 years, we've seen a vast improvement in the overall state of application security. We've gone from having to discuss why AppSec is important to having conversations about the best way to approach the problem.… [Continue Reading]