Cyberstats

Security Intelligence

VendorsCypress Data Defense

Cypress Data Defense

Cybersecurity reports and statistics published by Cypress Data Defense

8 categories1 reports

Research Reports

Reports and publications from Cypress Data Defense

2025 State of Application Security Report

7/29/2025

Recent Statistics & Reports

58% of security teams report frequent false positives from application security scanners.

7/29/2025
Insecure codeApplication securityApplication security scanners

11% of security teams say application security false positives happen constantly.

7/29/2025
Insecure codeApplication securityFalse positives

83% of organizations are considering outsourcing AppSec functions.

7/29/2025
Insecure codeApplication security

Just 1% of organizations invest more than 20% of their total security budget into AppSec.

7/29/2025
Insecure codeApplication securityBudget

62% of organizations knowingly release insecure code to meet delivery deadlines.

7/29/2025
Insecure codeApplication security

Nearly 90% of organizations allocate just 11–20% of their security budgets to application security.

7/29/2025
Insecure codeApplication security

60% of organizations say security issues are more likely to delay product launches than feature bugs.

7/29/2025
Insecure codeApplication security

57% of organizations wait until just before deployment to involve security.

7/29/2025
Insecure codeApplication security

36% of companies spend more on network security than AppSec.

7/29/2025
Insecure codeApplication securityNetwork security

Only 36% of organizations involve security at the planning stage of software development.

7/29/2025
Insecure codeApplication securitySoftware development

8 in 10 AppSec professionals are open to outside help.

7/29/2025
Insecure codeApplication security

62% of security professionals fear being fired following a breach.

7/29/2025
Insecure codeApplication security

17% of security professionals believe termination is likely after a breach.

7/29/2025
Insecure codeApplication security

51% of teams have fully addressed OWASP Top 10 threats, meaning nearly half remain exposed to foundational risks.

7/29/2025
Insecure codeApplication securityOWASP

Application-layer attacks account for 43% of breaches.

7/29/2025
Insecure codeApplication securityApplication-layer attacks

Top Categories

Insecure code
15
Application security
15
Tools
2
Application security scanners
1
False positives
1
Budget
1
Network security
1
Software development
1

Related Vendors

LevelBlue
10 stats
Arkose Labs
22 stats
Kyndryl
12 stats
Capterra
10 stats
RSA
19 stats
Cycode
10 stats