Why mature DevOps shops are utilising automated security ‘early, everywhere and at scale’

More than two thirds of respondents to a survey conducted by Sonatype say their DevOps practices are either ‘very mature’ or of ‘improving maturity’, with mature organisations weaving automated security into their DevOps practices.

The study, which polled almost 2,300 IT professionals, found only a quarter (28%) of mature DevOps teams believe they were being slowed by security requirements, while 38% of developers in those teams say security is a primary concern.

The link between heightened security awareness and maturation in DevOps practices was evident. 85% of respondents from highly mature DevOps environments said they have received some form of application security training giving evidence of secure coding practices, compared with 30% in immature industries who admitted they had received no training.

Yet there were still areas to work on. 88% of respondents said security was a primary concern when deploying containers – but only 53% leverage security solutions to help with it – while breaches continued to go up, at a nearly 50% increase recorded between Sonatype’s 2014 and 2017 study.

“As evidenced by this year’s survey results, organisations everywhere are now transforming their development from waterfall-native to DevOps-native tools and processes,” said Wayne Jackson, Sonatype CEO in a statement. “Along the way, they are coming to grips with one simple fact: DevOps is not an excuse to do application security poorly; rather it is an opportunity to do application security better than ever.”

Plenty of discussion in recent DevOps studies has been around definition; yes, numbers keep going up, and awareness continues to rise, but challenges remain. In the case of a study issued by Quali earlier this month, the primary roadblocks were existing company culture, testing automation issues, legacy systems, application complexity, and budget constraints.


https://www.iottechexpo.com/northamerica/wp-content/uploads/2018/09/all-events-dark-text.pngInterested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

Related Stories

Leave a comment


This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.