36% of code generated by GitHub CoPilot contains security flaws

Security debt, defined as flaws that remain unfixed for longer than a year, exists in 42% of applications and 71% of organizations, according to Veracode. Worryingly, 46% of organizations have persistent, high-severity flaws that constitute ‘critical’ security debt, putting businesses at serious risk in terms of impact on confidentiality, integrity, and availability. According to the report, 63% of applications have flaws in first-party code, while 70% contain flaws in third-party code imported via third-party libraries. … More →

The post …

applications businesses code confidentiality copilot critical debt defined don't miss flaws generated github github copilot high impact integrity organizations persistent report risk security security debt security flaws serious severity software development survey terms veracode