Just 16 percent of 10,000 applications tested in the last six months received a passing security grade on their first attempt. The finding is a marked departure from Veracode s report six months ago, in which 42% of the applications tested passed. The precipitous drop in the pass rate for applications was caused by the introduction of new, tougher grading guidelines, including a zero tolerance policy on common errors like SQL injection and cross site scripting holes in applications.
Source: https://threatpost.com/insecure-applications-we-are-84-percent-120711/75961/