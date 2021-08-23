Cancel
Why Do Developers Continue to Write Vulnerable Code?

By Pravin Madhani, CEO and Co-Founder
Cover picture for the articleIt’s been 18 years since OWASP first published their list of Top 10 Web Application Security Risks in 2003. It wouldn’t be unreasonable to think it would have been possible to solve web application security problems in that time frame. Yet, attacks continue to happen, and successfully target vulnerabilities in web applications. It would be easy to blame the success of these continued cyber attacks directly on the software developers who write the code. After all, if developers all wrote secure code, then most of the problem with cyber attacks on vulnerabilities would already be solved, since there would be no more vulnerabilities. We have to believe that software developers are not intentionally writing vulnerable code, either out of malice or laziness. It would be hard to imagine that anyone would want their names or professional reputations associated with a high-profile security breach. One has to wonder then, what causes the ongoing issue of developers writing and developing code with vulnerabilities?

