The healthcare industry is transforming patient care through software, from 24/7 digital patient portals to AI-fueled medical research and everything in between. As innovation reaches new heights, how does healthcare stack up against other sectors in terms of software security flaws and the ability to remediate them?
Our latest State of Software Security Report found that 77 percent of applications in this sector have vulnerabilities – a slight uptick from last year’s 75 percent – with 21 percent considered high severity.
Healthcare takes first place for fixing flaws at 27 percent. Developers in the space should be applauded for tackling complex authentication issues and insecure dependencies with success over the last 12 months.
When clocking the time it takes to remediate flaws found by static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA), healthcare organizations fall right in the middle of the pack. It’s also worth mentioning that healthcare outpaces other sectors in resolving issues in third-party libraries, though this still takes a significant amount of time. And the industry shows a drop in flaws discovered in third-party code, which is great news for open-source lovers everywhere!
Of course, there’s always room for growth, and like all industries, healthcare could benefit from a more pervasive approach to software security. More consistent scanning, analysis, and security training can help drive down those total flaw numbers, while giving fix rates and speeds a bigger bump.
There’s a lot more to explore, including historical data trends that have shaped healthcare’s software security landscape over time. Take a spin through the State of Software Security Report: Healthcare to learn more.