Strategies for Building Resilient Software in a Complex Ecosystem In an era where software development is accelerating rapidly, Veracode's latest research reveals a concerning trend: 50% of organisations are burdened by critical security debt, with 70% of these vulnerabilities originating from third-party code and the software supply chain. The average time to fix security flaws has increased to 8.5 months, marking a 47% rise over the past five years. This session will delve into the key findings of the State of Software Security report, offering a comprehensive understanding of the current landscape. Amanda will explore the five critical metrics identified by Veracode that benchmark security maturity and what defines a ‘leading’ or ‘lagging’ organisations. Attendees will gain insights into: - The impact of third-party code on security debt and strategies to mitigate associated risks. - The importance of remediation speed, with fast-acting teams reducing critical security debt by up to 75%. - The role of AI in enhancing remediation efforts and addressing the backlog of security debt. - Practical recommendations for improving security posture, including enhancing visibility across the software development lifecycle and prioritising vulnerabilities effectively.