Secure Code Development News to Celebrate

Fewer Applications Carry OWASP Top 10 Flaws Mathew J. Schwartz (euroinfosec) • May 14, 2025

Cybersecurity mavens for years pleaded with software executives to prioritize secure development. Every code bug smooshed during development or swept away during quality assurance prevents yet more exploitable vulnerabilities.

See Also: OnDemand | Navigate the threat of AI-powered cyberattacks

Secure development proponents may finally have momentum, based on an accelerating count of applications that don't sport an Open Web Application Security Project top 10 security flaw. That's according to research presented by Chris Wysopal and Jason Healey.

In 2010, 77% of all software applications contained an OWASP top 10 flaw, a figure that persisted at the high number of 68% by 2020, said Wysopal, co-founder and chief security evangelist at Veracode, during a RSAC Conference session in San Francisco on April 28.

At that "ridiculously slow pace, I was like, we're not ...