OPERATIONS
Security is a top challenge for DevSecOps teams Security has surpassed even cloud computing as the number one investment area across DevSecOps teams at global organisations . However , despite an appetite to shift security left , many companies are still nascent in their approach and results and only 10 % of respondents reported receiving additional budget for security .
Data continues to support the ongoing trend of misalignment between security and development teams . Over half of survey respondents stated that security is a performance metric for developers within their organisations , however , 50 % of security professionals report that developers are failing to identify security issues , to the tune of 75 % of vulnerabilities . In order to align performance metrics with reality , developers must be incentivised to practice security protocols and be provided with full visibility into the toolchain and potential risks .
When security collaboration is achieved , organisations produce great results . Development , security , and operations teams broadly noted better security as a key advantage to a DevOps platform . Additionally , investing in a single platform allows practitioners to take advantage of more features with fewer tools and fewer a la carte expenses .
Challenges associated with DevSecOps While the motivation to move to a DevSecOps platform is clear , Harman Singh from Cyphere says DevSecOps does come with challenges . “ One of the challenges of DevSecOps is that it requires a shift in thinking for many organisations . Security has traditionally been viewed as an afterthought in the software development process , and it can be difficult to change this mindset . In addition , DevSecOps
“ One of the challenges of DevSecOps is that it requires a shift in thinking for many organisations ”
HARMAN SINGH CYPHERE
48 November 2022