Black Duck
Cybersecurity reports and statistics published by Black Duck
8 categories, 6 reports
Research Reports
Reports and publications from Black Duck
Recent Statistics & Reports
Nearly 30% of component license conflicts were caused by transitive dependencies.
2/25/2025
91% of audited applications contain outdated open source software components.
2/25/2025
33% had open source software components with no license or a customized license.
2/25/2025
56% of all audited applications had license conflicts.
2/25/2025
86% of audited applications contained open source vulnerabilities, with 81% containing high- or critical-risk vulnerabilities.
2/25/2025
There has been a 67% increase in the number of organisations performing software composition analysis (SCA) on code repositories.
1/1/2025 • SCA
The number of organisations employing research groups to develop new attack methods has grown by 30%.
1/1/2025 • Research groups
A 22% rise in the number of organizations creating software bills of materials (SBOMs) for deployed software has been observed.
1/1/2025 • SBOMs
The number of organisations conducting adversarial tests (abuse cases) has doubled year-on-year.
1/1/2025 • Adversarial tests
In 2008, 100% of organizations in BSIMM1 conducted software security awareness training. By BSIMM15, this rate has declined to 51.2% of organizations, marking the lowest rate to date.
1/1/2025 • Software security awareness training
Only 51.2% of organisations now offer basic security training, which is the lowest rate observed since the BSIMM initiative began in 2008.
1/1/2025 • Training