2025 State of Software Security: Public Sector Snapshot 1

For many public sector professionals, software security is a major concern. Slow flaw remediation (315 days on average) and high critical security debt (55% of organizations) raise worries about application security and data breaches. In the Public Sector State of Software Security 2025 Report, you’ll learn:

• The half-life for fixing flaws in the public sector is 315 days, significantly longer than the overall average of 252 days.
• 78% of public sector organizations have security debt, and 55% have critical debt, both slightly higher than the overall averages.
• Over 70% of critical security debt stems from third-party code, and it takes about 50% longer to fix flaws in third-party code.