{"id":45198,"date":"2022-02-08T18:19:42","date_gmt":"2022-02-08T18:19:42","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/vulnerability-scanning-triples-leading-to-two-third-fewer-flaws"},"modified":"2022-02-08T18:19:42","modified_gmt":"2022-02-08T18:19:42","slug":"vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/","title":{"rendered":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Companies have increased the cadence of application-security testing \u2014 with triple the number of applications scanned and 20 times more scans per application \u2014 compared to a decade ago, according to Veracode&#8217;s new &#8220;State of Software Security&#8221; report. <\/p>\n<p>The focus on increasing the frequency of&nbsp;scanning, automating testing and deployment, and educating developers \u2014 all hallmarks of the cultural shift known as DevSecOps \u2014 has led to a two-thirds reduction in the number of vulnerable libraries and a one-third reduction in the time required to fix flaws, the company states. While 77% of third-party libraries still have a known vulnerability three months after disclosure, the half-life of flaws in those libraries (meaning the time it takes to&nbsp;fix half of the flaws) is three times faster.<\/p>\n<p>Overall, developers are moving in the right direction, but they still have a long way to go, says Chris Eng, chief research officer at Veracode.<\/p>\n<p>&#8220;Things are moving in a nice direction, showing that people are paying more attention to [finding vulnerabilities earlier],&#8221; he says. &#8220;We are seeing an increase in the adoption of different scanning types, with a significant decrease in vulnerable libraries \u2014 not shrinking just a little bit, but a lot.&#8221;<\/p>\n<p>The report is the result of Veracode looking at every application in the company&#8217;s database and analyzing the trends over years.<\/p>\n<p>A decade ago, the typical Veracode customer averaged two or three scans a year, but now most developers run daily static-analysis scans and weekly dynamic-analysis scans, <a href=\"https:\/\/www.veracode.com\/state-of-software-security-report\" target=\"_blank\" rel=\"noopener\">Veracode states in the report<\/a>. In 2010, for example, only 10% of applications were scanned at least weekly, not even once a month for the average application. In 2021, 90% of applications are scanned more frequently than once a week, the report stated.<\/p>\n<p>&#8220;Continuous testing and integration, which includes security scanning into pipelines, is becoming the norm, and we can see that reflected in how often users are scanning their applications,&#8221; the report states. &#8220;The sooner in the life cycle you discover problems, the more likely you&#8217;ll be able to solve them quickly, before they become a bigger problem down the road.&#8221;<\/p>\n<p>Another trend that suggests agile development is taking off and having an impact on vulnerabilities is that development teams appear to be moving to breaking up monolithic programs into smaller collections of services, or microservices. In 2021, less than 5% of applications used multiple frameworks and languages, down from 20% in 2018, suggesting that large software projects involving multiple languages are becoming more rare, according to Veracode.<\/p>\n<p>&#8220;You think that applications always get bigger and bigger over time \u2014 they get bloated with code, and people don&#8217;t get rid of functionality,&#8221; Eng says. &#8220;But we see that they are getting smaller, that these single-language applications indicate that developers are adopting microservice architectures.&#8221;<\/p>\n<p>The different types of testing tended to find different types of vulnerabilities, with the exception of information leakage, a common issue found by every testing technique. The most common flaws discovered by static analysis, for example, were CRLF injection, information leakage, and cryptographic issues, while dynamics analysis commonly found server configuration, insecure dependencies, and information leakage issues. Software composition analysis (SCA) discovered insufficient input validation, information leakage, and encapsulation issues most commonly.<\/p>\n<p>Every language had its particular propensity for vulnerabilities as well. Java applications tended to have CRLF injection issues, while Python programs&#8217; most common flaws were related to cryptographic issues, and C++&#8217;s top mistakes involved error-handling.<\/p>\n<p>Vulnerabilities discovered by software composition analysis took the longest to remediate, likely because the fixes have to flow up to the developer from the project maintainers. Fixing half of the flaws discovered by each technique took 143 days for dynamics analysis, 290 days for static analysis, and 397 days for SCA, Veracode states in the report. However, the response-to-SCA result is actually a significant improvement \u2014 in 2017, it took more than three years to patch half of the issues.<\/p>\n<p>&#8220;Given that we know that more scanning using multiple tools means faster fix times and less security debt, this shift can only be viewed as good for the future of application security,&#8221; the company says. &#8220;It\u2019s yet to be seen whether the pendulum of history will swing back to monolithic applications and waterfall development, but that doesn\u2019t seem likely now.&#8221;<\/p>\n<p>In terms of open source libraries, Veracode found that the most popular libraries continued to remain the same over the last five years. More than 97% of the code in Java applications, for example, are from open source libraries. However, the share of flawed libraries has declined over the past five years, with Java, JavaScript, and Python seeing a significant reduction in vulnerable libraries. <\/p>\n<p>&#8220;The larger lesson here is that developers are going to stick with tried-and-true libraries and likely aren\u2019t going to attempt to refactor their code base to pick up the latest hot commodity,&#8221; the report states. &#8220;Updates happened slowly when libraries didn\u2019t have flaws but relatively quickly when they did. As long as open source developers continue to fix security flaws, developers will keep on using those libraries.&#8221;<\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/vulnerability-scanning-triples-leading-to-two-third-fewer-flaws\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Companies are scanning more applications for vulnerabilities \u2014 and more often.Read More <a href=\"https:\/\/www.darkreading.com\/application-security\/vulnerability-scanning-triples-leading-to-two-third-fewer-flaws\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-45198","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-08T18:19:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws\",\"datePublished\":\"2022-02-08T18:19:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/\"},\"wordCount\":839,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc3ce6f95a0e03904\\\/620299132be9c249dcea7c7d\\\/veracode-SoSS-scanning-times.jpg\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/\",\"name\":\"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc3ce6f95a0e03904\\\/620299132be9c249dcea7c7d\\\/veracode-SoSS-scanning-times.jpg\",\"datePublished\":\"2022-02-08T18:19:42+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc3ce6f95a0e03904\\\/620299132be9c249dcea7c7d\\\/veracode-SoSS-scanning-times.jpg\",\"contentUrl\":\"https:\\\/\\\/eu-images.contentstack.com\\\/v3\\\/assets\\\/blt66983808af36a8ef\\\/bltc3ce6f95a0e03904\\\/620299132be9c249dcea7c7d\\\/veracode-SoSS-scanning-times.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-02-08T18:19:42+00:00","og_image":[{"url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws","datePublished":"2022-02-08T18:19:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/"},"wordCount":839,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/","url":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/","name":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg","datePublished":"2022-02-08T18:19:42+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#primaryimage","url":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg","contentUrl":"https:\/\/eu-images.contentstack.com\/v3\/assets\/blt66983808af36a8ef\/bltc3ce6f95a0e03904\/620299132be9c249dcea7c7d\/veracode-SoSS-scanning-times.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-scanning-triples-leading-to-two-thirds-fewer-flaws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Vulnerability Scanning Triples, Leading to Two-Thirds Fewer Flaws"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45198","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45198"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45198\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}