<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">
Gartner report states:
      • Make OSS software module identification, configuration and vulnerability scanning a priority in 2016 and 2017. 
      • Traditional static application security testing (SAST) and dynamic application security testing (DAST) are too heavyweight, complex and won't work or scale for DevSecOps. 
      • By 2019, more than 70% of enterprise DevOps initiatives will have incorporated automated security vulnerability and configuration scanning for open source components and commercial packages


 Information security architects must integrate security at multiple points 
into DevOps workflows in a collaborative way that is largely transparent to
developers, and preserves the teamwork, agility and speed of DevOps and
agile development environments, delivering "DevSecOps."   

- Neil MacDonald, Ian Head


Read the Report

Gartner, Inc., DevSecOps: How to Seamlessly Integrate Security Into DevOps, Neil McDonald, September 30, 2016.