Security Is Becoming Critical for Choosing a DevOps Platform
- By CDOTrends editors
- August 30, 2022
Choosing a DevOps platform is no longer just about faster software delivery. Security is now the primary driver for many companies when making the switch. However, companies need to do more than just integrate security into their existing DevOps processes — they need to build security into the foundation of their development operations.
This is according to GitLab Inc.'s Sixth Annual Global DevSecOps Survey, which polled more than 5,000 professionals around the world on their DevOps strategies and priorities.
Notably, the survey found that nearly three-quarters of respondents have adopted a DevOps platform or plan to adopt it within the year. This is in response to rising industry expectations around security, compliance, toolchain consolidation, and faster software delivery.
When asked about their company's highest priority for DevOps, security was the top response from survey respondents. Security is the number one investment area for most of the respondents, even surpassing cloud computing.
“Rapid deployment and speed-to-market are some of the biggest differentiators in today’s business landscape. This often comes at the cost of security — a major concern across technology, business, and government leaders — but it doesn’t have to,” said Johnathan Hunt, vice president of security at GitLab. “Streamlined toolchains and standardized, transparent processes help organizations keep security and compliance at the core of the software development lifecycle (SDLC), rather than an afterthought.”
The main difficulty is that many organizations are still in the early stages of adopting DevOps and security. Only 10% of respondents said they received additional funding for security.
Furthermore, companies must address the glaring misalignment between security and development teams. For many, it is not enough to make security a performance metric for developers. Developers must be incentivized to practice security protocols and be provided complete visibility into the toolchain and potential risks.
Around 50% of security professionals surveyed by GitLab reported that developers are failing to identify security issues. This is a huge problem considering that 75% of vulnerabilities can be traced back to insecure code.
"When security collaboration is achieved, organizations produce great results. Development, security, and operations teams broadly noted better security as a key advantage of a DevOps platform. Survey data demonstrated that a commitment to security was a driving force for many decision-makers when choosing a DevOps platform or other tools. Additionally, investing in a single platform allows practitioners to take advantage of more features with fewer tools – and fewer a la carte expenses," the survey highlighted.
Image credit: iStockphoto/Thinkhubstudio