Veracode has been in the application security business for more than 10 years. We’ve scanned almost 6 trillion lines of code, and helped our customers fix more than 36 million security-related defects. In 2017, OWASP pass rates improved by 13 percent from first application scan to last scan. Developers simply arent equipped with the knowledge or skills they need to fix these flaws, we say. Developer training has an essential role in reducing flaws, and getting developers the security training they need makes a big difference.”]
Source: https://www.csoonline.com/article/3237084/application-security-what-s-working.html