One-third of businesses lack a formal program for tracking application security and prioritizing which vulnerabilities to patch first. That finding comes from an application security lifecycle survey ...