VendorsBlack Duck
Black Duck
Cybersecurity reports and statistics published by Black Duck
8 categories5 reports
Research Reports
Reports and publications from Black Duck
Recent Statistics & Reports
31.5% of organizations produce SBOMs due to industry regulations.
8/26/2025•
AISBOMs
96.1% of organizations are integrating open source AI models into their products.
8/26/2025•
AI
18% of companies are affected by "Shadow AI".
8/26/2025•
AIShadow AI
21.1% of companies lack confidence in their ability to prevent AI from introducing security vulnerabilities.
8/26/2025•
AISecurity vulnerabilities
70.8% of organizations now produce Software Bills of Materials (SBOMs).
8/26/2025•
AISBOMs
39.4% of organizations produce SBOMs due to customer and partner requirements.
8/26/2025•
AISBOMs
89.3% of organizations are already using AI-powered coding assistants.
8/26/2025•
AIAI coding assistant
97% of all applications evaluated contained open source software.
2/25/2025
Nearly 30% of component license conflicts were caused by transitive dependencies.
2/25/2025
90% of the applications contain components more than 10 versions behind the most current version.
2/25/2025
91% of audited applications contain outdated open source software components.
2/25/2025
33% had open source software components with no license or a customized license.
2/25/2025
64% of open source components were transitive dependencies.
2/25/2025
86% of audited applications contained open source vulnerabilities, with 81% containing high- or critical-risk vulnerabilities.
2/25/2025
56% of all audited applications had license conflicts.
2/25/2025
The number of open source files in an average application has tripled over the last four years.
2/25/2025
A 22% rise in the number of organizations creating software bills of materials (SBOMs) for deployed software has been observed.
1/1/2025•
SBOMs
There has been a 67% increase in the number of organisations performing software composition analysis (SCA) on code repositories.
1/1/2025•
SCA
The number of organisations conducting adversarial tests (abuse cases) has doubled year-on-year.
1/1/2025•
Adversarial tests
In 2008, 100% of organizations in BSIMM1 conducted software security awareness training. By BSIMM15, this rate has declined to 51.2% of organizations, marking the lowest rate to date.
1/1/2025•
Software security awareness training
Showing 21-40 of 42 results