My team ran a similar analysis years ago and found it was specific teams within a larger product group which introduced most security bugs. twitter.com/Carnage4Life/s…