The 2017 DevSecOps Community Survey, new research from software supply chain automation company Sonatype, reveals that the adoption of DevOps is driving new approaches to application security, according to 2200+ respondents. Study findings indicate that development organizations are incorporating security into their DevOps practice early in the process. It also shows, among other findings, a nearly 50 percent increase in breaches between Sonatype’s 2014 and 2017 surveys. IT security experts from Prevoty commented below.
Julien Bellanger, CEO and Co-Founder at Prevoty:
“Devops is bringing development and security teams together at the intersection of development and production. Automating testing is great, but it does not help with attack prevention, detection and response when the application is actually in use. The latest Struts 2 exploit is a good reminder of that limitation. DevOps is a great place to automatically scale security – both in development stages with automated testing and in production with a runtime solution.”
Kunal Anand, CTO and Co-Founde at Prevoty:
“The accelerated adoption of DevOps across organizations is forcing organizations to look beyond the traditional SSDLC model. Instead of a series of traditional milestones, security is becoming continuous. Concretely, organizations are performing: 1) continuous testing by marrying static/dynamic analysis with CI tools like Jenkins, and 2) continuous application monitoring/protection by implementing a runtime security solution with CD tools like Ansible, Chef, Puppet, etc.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…