The 2017 DevSecOps Community Survey, new research from software supply chain automation company Sonatype, reveals that the adoption of DevOps is driving new approaches to application security, according to 2200+ respondents. Study findings indicate that development organizations are incorporating security into their DevOps practice early in the process. The survey also shows, among other findings, a nearly 50 percent increase in breaches between Sonatype’s 2014 and 2017 surveys. IT security experts from Prevoty comment below.
Julien Bellanger, CEO and Co-Founder at Prevoty:
“DevOps is bringing development and security teams together at the intersection of development and production. Automating testing is great, but it does not help with attack prevention, detection and response when the application is actually in use. The latest Struts 2 exploit is a good reminder of that limitation. DevOps is a great place to automatically scale security – both in development stages with automated testing and in production with a runtime solution.”
Kunal Anand, CTO and Co-Founder at Prevoty:
“The accelerated adoption of DevOps across organizations is forcing organizations to look beyond the traditional SSDLC model. Instead of a series of traditional milestones, security is becoming continuous. Concretely, organizations are performing: 1) continuous testing by marrying static/dynamic analysis with CI tools like Jenkins, and 2) continuous application monitoring/protection by implementing a runtime security solution with CD tools like Ansible, Chef, Puppet, etc.”