It’s been over 10 years since Shannon Lietz introduced the term DevSecOps, aiming to get security a seat at the table with IT developers and operators. The question is, how far has security come since then? Do DevSecOps teams have the culture, practices, and tooling they need to release technology into production faster but also reliably and securely?

The recently published SANS DevSecOps Survey shows significant traction. More organizations are looking to shift-left security to ensure that security is prominent in their development practices. Over 50% of respondents claimed they resolved critical security risks and vulnerabilities in seven days or better. But even though nearly 30% of respondents said they deployed to production weekly, only 20% were assessing or testing for security vulnerabilities at a similar velocity. Additionally, the adoption rate for DevSecOps practices topped out at 61% for automation and 50% for continuous integration (CI). Many organizations are still working toward mature security and continuous deployment.

To read this article in full, please click here