84% said that supply chain vulnerabilities were the most significant threat to their enterprise applications.

Among those who have encountered issues with AI-generated code, 83% cited lack of transparency as major concerns.

86% of respondents are already using or exploring generative AI tools in their security programmes.

Open-source risks and cloud misconfigurations followed supply chain vulnerabilities closely at 73%.

64% of organizations are growing their AppSec teams.

84% recognise the role of the AppSec leader as more important now than ever. More than 84% believe their role is more important now than it was a few years ago. This increased importance is linked to factors such as growing challenges from AI-generated code and open source software.

Managing the sheer volume of vulnerabilities and false positives were the biggest challenges in securing code, cited by 78% of respondents.

Among those who have encountered issues with AI-generated code, 92% reported insecure code as a concern.

65% believe AI will significantly reshape the AppSec function within the next year.

80% of iOS apps were affected by environment attacks (where apps run in compromised conditions such as rooted or jailbroken devices).

The number of iOS attacks has risen to 88%.

86% of automotive apps are under attack

79% of healthcare-related applications are under attack

90% of Android apps were affected by attacks.

More than eight-in-ten applications are under constant attack, marking a near 20% increase compared to last year

84% of Android apps were affected by environment attacks (where apps run in compromised conditions such as rooted or jailbroken devices).