DevSecOps Insights 2020
28 janvier 2020
0 minutes de lectureWe are thrilled to announce and share with you the Snyk 2020 DevSecOps Insights! In this study, we discuss the state of DevSecOps, key activities, focus areas, and takeaways.
This study is based on data presented in the Snyk 2019 State of Open Source Security report and the Puppet 2019 State of DevOps report.
The Snyk report presents the survey results of over five hundred respondents and the Puppet report presents data from 2,949 technical professionals.
Download PDF DevSecOps Insights 2020
If you're interested in reading the detailed findings of our study, we recommend you download the full version of the report in digital format. Find some more of the key takeaways in the articles below:
DevSecOps Insights 2020
86% of security and tech roles agree that security is a shared responsibility
31% don’t track application dependencies and 38% only track direct dependencies
29% of highest security integration orgs endure friction when collaborating
48% see security a major constraint on the ability to deliver software quickly
An introduction to DevSecOps Insights 2020 study
Fast software development iterations call for baked-in security in order to keep up with the rate of building and shipping software. In a typical organization, security staff is vastly out-numbered compared to operations and developers. This significantly complicates the job of keeping up with security tests, reviews, etc, in order to mitigate the increasing application security risk.
Is security slowing down operations and developers? This is one of the major concerns and challenges for integrating security in development teams. Security teams remain accountable for the security of applications and related data, yet cannot introduce disruption to the development teams' workflows. To overcome these challenges, development and security teams need to adopt new ways of working together, develop new processes and adopt new tooling. DevOps teams do not prioritize for security in a build pipeline or security monitoring, as there are other concerns they are tasked with. So, even for empowered DevOps teams, security is still mainly an afterthought.
Join us on the live webinar event on January 30th 11AM Eastern Time:
To address security concerns while keeping up with the rapid pace of software delivery, we need to adopt processes, culture, and proper tools through automation which sustains fast development iterations. These enable development teams to integrate security tooling within their build pipelines to detect vulnerabilities early on, and fosters healthy collaboration across security and DevOps teams.
In this report we aim to explore the state of DevSecOps adoption and the challenges organizations and teams face. What we aim to gain from this research is better insight into practices and tools that accelerates DevSecOps adoption.
DevSecOps Key takeaways
Following are takeaways and challenges faced in the DevSecOps journey:
|
|
|
|
|
|
|
|
| |
|
Continue reading our DevSecOps Insights 2020 study:
DevSecOps Insights 2020
86% of security and tech roles agree that security is a shared responsibility
31% don’t track application dependencies and 38% only track direct dependencies
29% of highest security integration orgs endure friction when collaborating
48% see security a major constraint on the ability to deliver software quickly