New Report Finds Developers Remediate Only 32% of Vulnerabilities and Regularly Push Vulnerable Code

2022-03-31 01:36:22 By : Ms. Julie Zhu


SAN FRANCISCO, March 29, 2022 (GLOBE NEWSWIRE) -- Tromzo, a developer-first application security management platform, has released the findings from its new Voice of the Modern Developer Report.

The report was based on a survey of more than 400 U.S.-based developers who work at organizations where they currently have CI/CD tools in place. 

"These findings show that developers regularly ignore security issues, but can we really blame them?" said Tromzo CTO and co-founder Harshit Chitalia. "Security teams are bombarding them with an endless stream of issues that need to be addressed with no way for them to separate what's actually critical from all the noise, all while they are expected to release software more frequently and faster than ever before. If we want developers to truly implement security, we must make it easy for them. This means integrating contextual and automated security checks into the SDLC so we can transition from security gates to security guardrails." 

42% of developers push vulnerable code once per month. When a developer knowingly publishes code they believe to be vulnerable, it is clear that they think it is not their responsibility to fix the code before it is pushed or other organizational pressures deprioritize security.

Developers fix only 32% of known vulnerabilities. Given the volume of false-positive alerts that teams deal with today, fixing 32% of vulnerabilities could very well produce an acceptable result if developers could determine which 32% to fix. Unfortunately, without security training and experience, developers should not be expected to make that determination accurately.

A third of vulnerabilities are noise. To reduce false-positive vulnerabilities, scans must have access to all of the required asset information so that security tools can accurately determine whether a vulnerability exists. Reducing security noise will allow developers to address security issues confidently.

33% believe that developers and security are siloed. When developers and security teams operate in insulated silos, it leads to inefficiencies and gaps in security across the software development lifecycle. These silos ultimately lead to security vulnerabilities and bad user experiences.

To read a copy of the report, please click HERE.

Tromzo is a developer-first application security management platform that helps reduce the friction between developers and security. The company was founded by security practitioners and is backed by Innovation Endeavors, Operator Partners, SVCI and more than 25 leading CISOs and security industry executives. For more information, visit www.Tromzo.com

This content was issued through the press release distribution service at Newswire.com.
