Security Tools Don't Fail. Adoption Does: Why Developers Ignore Them
81% of development teams knowingly ship code with vulnerabilities. That number gets quoted a lot. Usually to make a point about how developers don't take security seriously. Here's a different reading: most of those developers knew the vulnerability was there. They just couldn't do anything about it in time. That's not apathy. That's a system failure. Feature deadlines are usually less flexible than security work.