Whether it is company culture or an individual attitude, developers do appear to be commonly shipping vulnerable code with the full knowledge that there are weaknesses in it.
Report finds that the vast majority of app developers are pushing vulnerable code, and that truly secure applications capable of repelling a determined attacker are few and far between.