In a recent study, Veracode found that only 16 percent of 10,000 applications tested received a passing grade on their security.
"The finding, presented in the latest, semi annual State of Software Security Report, is a marked departure from Veracode's report six months ago, in which 42 percent of the applications tested passed on their first try," writes Threatpost's Paul Roberts. "Application security experts at the company reported continued problems with insecure Web applications in use by government agencies, and a plethora of insecure mobile applications."
"The precipitous drop in the 'pass' rate for applications was caused by the introduction of new, tougher grading guidelines, including a 'zero tolerance' policy on common errors like SQL injection and cross site scripting holes in applications, Veracode said," Roberts writes.
Go to "Insecure Applications: We Are The 84 Percent!" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.