31% don’t track application dependencies and 38% only track direct dependencies
6y agoen
Source
Snyk31% don’t track application dependencies and 38% only track direct dependenciessnyk.ioAs we look into the way engineers audit their code bases, we see a strong adoption of automated security tooling, according to the Snyk State of Open Source Security report 2019, with 65% of respondents confirming that observation. It is also important to point out that, even when automated security tools are employed, 79% of the respondents still use security code reviews.
You might also wanna read
Survey: 70% of developers say AI code has more vulnerabilities, 30% ship it anyway
A Checkmarx survey of 2,350 developers, CISOs, and AppSec managers reveals that 70% of developers believe AI-generated code contains more vu
Survey: 75% of Developers Admit Knowingly Deploying Vulnerable Code as Security Crisis Deepens
A survey of 2,350 developers, CISOs, and application security managers reveals a deepening DevSecOps crisis in the age of AI. Key findings i
LLM-powered scanners set to overwhelm open source maintainers with security vulnerabilities by 2026
The article warns that by summer 2026, LLM-powered code scanners will dramatically increase the rate of security vulnerability discoveries i
Census II Report on Open Source Software
dwheeler.com·6y ago
AI Coding Tools Create Review Burden for Open Source Maintainers
The article discusses the challenges that AI coding tools like GitHub Copilot, Cursor, and Claude create for open source maintainers. While
samsaffron.com·8mo agoAI-driven development outpaces security testing, leaving organizations vulnerable
The article reports that AI-accelerated software development is outpacing traditional security testing methods. Based on Aikido Security's 2

Comments
Sign in to join the conversation.
No comments yet. Be the first.