2017 DevSecOps Community Survey

2,292 people answered 37 questions...this is what they had to say.

Download the Report Webinar

Facebook Google LinkedIn Twitter

The Results



of mature DevOps teams automate security testing


increase in breaches related to open source components


agree security is a top concern when deploying containers




What the Experts are Saying

Helen Beal, DevOpsologist | Ranger4

“DevOps is all about making better software faster.  It also requires making software more safely while compressing the time between ideation to realization.”

DJ Schleen, DevSecOps Evangelist | Healthcare Industry

“Business needs require software to be developed and shipped in a timely fashion.  Developers want to code the software in the most optimal way possible. The Operations team wants the application to be highly available and stable.  And the Security team wants it to have no vulnerabilities and low risk to the organization."

Benjamin Wootton, Co-founder and CTO | Contino

“On the positive side, containers also add additional process isolation features to limit how processes can behave when executing.  The various platforms also enable other features for container provenance, traceability and signing.  These can all contribute to form a much more secure software delivery pipeline than could be achieved using non containerized stacks.”

Tyler Shields, Vice President | Signal Sciences

“In a waterfall-native world, traditional application security approaches are bolted-on late in the lifecycle, performed manually, and can take hours to days to receive feedback.  In DevOps-native worlds where SDLC stages shrink to absurdly short windows, old world technologies won’t be able to cross the chasm into this high-velocity realm.”

Oleg Gryb, Chief Security Architect | Financial Services Industry

"For executives who came to security from infrastructure, networking or development domains and have never run a security scan, the challenges of bringing traditional toolsets and practices into the new velocity expectations of DevSecOps may not be so obvious.”

Get the full report now



What others are saying... 

Dark Reading Logo.png           infoworld logo black.png            SD Times logo - Color.png