<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

2017 DevSecOps Community Survey

2,292 people answered 37 questions...this is what they had to say.

Download the Report Webinar

Facebook Google LinkedIn Twitter

The Results

 

58.png

58%
of mature DevOps teams automate security testing

28_2.png

50%
increase in breaches related to open source components

88.png

88%
agree security is a top concern when deploying containers

 

 



 

What the Experts are Saying

Helen Beal, DevOpsologist | Ranger4

“DevOps is all about making better software faster.  It also requires making software more safely while compressing the time between ideation to realization.”

DJ Schleen, DevSecOps Evangelist | Healthcare Industry

“Business needs require software to be developed and shipped in a timely fashion.  Developers want to code the software in the most optimal way possible. The Operations team wants the application to be highly available and stable.  And the Security team wants it to have no vulnerabilities and low risk to the organization."

Benjamin Wootton, Co-founder and CTO | Contino

“On the positive side, containers also add additional process isolation features to limit how processes can behave when executing.  The various platforms also enable other features for container provenance, traceability and signing.  These can all contribute to form a much more secure software delivery pipeline than could be achieved using non containerized stacks.”

Tyler Shields, Vice President | Signal Sciences

“In a waterfall-native world, traditional application security approaches are bolted-on late in the lifecycle, performed manually, and can take hours to days to receive feedback.  In DevOps-native worlds where SDLC stages shrink to absurdly short windows, old world technologies won’t be able to cross the chasm into this high-velocity realm.”

Oleg Gryb, Chief Security Architect | Financial Services Industry

"For executives who came to security from infrastructure, networking or development domains and have never run a security scan, the challenges of bringing traditional toolsets and practices into the new velocity expectations of DevSecOps may not be so obvious.”

Get the full report now

 

 

What others are saying... 

Dark Reading Logo.png           infoworld logo black.png            SD Times logo - Color.png