VendorsBlack Duck
Black Duck
Cybersecurity reports and statistics published by Black Duck
8 categories5 reports
Research Reports
Reports and publications from Black Duck
Recent Statistics & Reports
Automated verification of infrastructure security surged by more than 50%.
2/9/2026•
Infrastructure SecurityAutomationApplication Security
Establishment of standardized technology stacks rose by more than 40%.
2/9/2026•
Technology StackApplication Security
Use of risk-ranking methods to determine where LLM-generated code is safe to deploy increased by 12%.
2/9/2026•
AI SecurityRisk ManagementApplication Security
Application of custom rules to automated code review tools to catch issues unique to AI-generated code increased by 10%.
2/9/2026•
AI SecurityCode ReviewDeveloper Tools
Nearly 30% more organizations now produce SBOMs to meet transparency requirements.
2/9/2026•
SBOMRegulatory Compliance
Teams using attack intelligence to track emerging AI vulnerabilities increased by 10%.
2/9/2026•
AI SecurityThreat IntelligenceApplication Security
Organizations delivering expertise through open collaboration channels increased by 29%.
2/9/2026•
Collaboration
Streamlining of responsible vulnerability disclosure grew by more than 40%.
2/9/2026•
Vulnerability DisclosureRegulatory ComplianceApplication Security
63% of respondents that prioritize SBOM validation say they're highly prepared to evaluate third-party software.
1/1/2026•
Third-Party Software SecuritySoftware Supply ChainSBOM Validation
54% of organizations using at least four compliance controls remediate critical vulnerabilities within a day.
1/1/2026•
Compliance ControlsVulnerability ManagementCritical Vulnerabilities
76% of organizations check AI code for security risks.
1/1/2026•
AI CodeSoftware DevelopmentAI Code Security Risks
Organizations that effectively track and manage open source dependencies are 85% more prepared to secure open source software compared to the overall average of 57%.
1/1/2026•
Open SourceSoftware SecurityOpen Source Dependencies
60% of organizations that perform automatic continuous monitoring report remediating critical software vulnerabilities within a day.
1/1/2026•
Vulnerability ManagementSoftware DevelopmentAutomatic Continuous Monitoring
Only 24% of organizations have adopted comprehensive strategies to secure AI-generated code.
1/1/2026•
AI-Generated CodeSoftware DevelopmentAI-Generated Code Security
35% of respondents cite interpreting and operationalizing complex regulatory requirements as their biggest challenge.
1/1/2026•
ComplianceRegulatory
Only 45% of the full respondent pool say they remediate critical software vulnerabilities within a day.
1/1/2026•
Vulnerability ManagementCritical Software VulnerabilitiesCritical Software Vulnerability Remediation
59% of respondents that prioritize SBOM validation typically respond to critical software vulnerabilities within one day.
1/1/2026•
SBOMSBOM ValidationVulnerability Management
95% of surveyed organizations reported using AI tools in software development.
1/1/2026•
AI ToolsSoftware Development
49% of organizations using at least three compliance controls remediate critical vulnerabilities within a day.
1/1/2026•
Compliance ControlsVulnerability ManagementCritical Vulnerabilities
96.1% of organizations are integrating open source AI models into their products.
8/26/2025•
AI
Showing 1-20 of 42 results