How do vulnerabilities get into software?

This paper, by application security platform Veracode, addresses the four main causes of vulnerabilities in software today. The authors investigate: insecure coding practises; the ever-shifting threat landscape; the reuse of vulnerable components and code; and idiosyncrasies of programming languages.