The Results
58.png

338%
More likely to integrate automated security when DevOps practices are mature
28_2.png

55%
Increase in breaches related to open source components

88%
Higher cyber readiness profiles for mature DevOps practices
Are your software applications secure?

What the Experts are Saying

“The appeal of using one technology that’s free rather than buying a licensed, chargeable piece of software is apparent. But so are the risks. It is concerning that some developers are simply ignoring the policies crafted and communicated for their organisations, likely for the sake of speed and costs.”

Helen Beal, DevOpsologist | Ranger4 | United Kingdom
Joost van der Griendt

“Just like testing and refactoring have been recognized everyday, isolated steps in the development cycle, so to should security."

Joost van der Griendt , ABN AMRO | The Netherlands

"Making security a natural part of the SDLC will make it more resilient and valuable. It should be 'something we do' rather than 'something we are told to do'."

Pauly Comtois, Hearst Business Media | United States

"Who can sleep if they are worried that their code is insecure?"

Barry O’Connell, Deutsche Bank | United Kingdom
Skjalg Teig

"Security feels too widely regarded as a hurdle, to be overcome once, when it should be a fluent part of everyday development."

Skjalg Teig, Capra Consulting | Norway

"Involving external groups to perform security tests (e.g., pen testing) is expensive and doesn’t scale when we’re releasing frequently. We need to build security in, the same way that we build quality in."

Liz Keogh, Lunivore Limited | United Kingdom
How Others Run DevSecOps
Twitter LinkedIn Facebook YouTube GitHub
Products
Free Tools
Solutions
Resources
Customer Portal
Company
SON_logo_white@2x copy trimmed

Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759

Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102

Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia

London Office -168 Shoreditch High Street, E1 6HU London

Subscribe for all the latest software security news and events

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Terms of Service    Privacy Policy    Modern Slavery Statement    Event Terms and Conditions   Do Not Sell My Personal Information