57% of Respondents View Their Budget and Expertise as Adequate to Implement DevSecOps
BOSTON, June 5, 2018 /PRNewswire/ — Aqua Security, the market-leading platform provider for securing containers and cloud-native applications, today announced the results of a survey conducted over the course of two days during the RSA Conference 2018. The survey sampled 80 security professionals to gain their unfiltered, high-level perspective on the fast-emerging discipline of DevSecOps. According to the survey respondents, DevSecOps is quickly gaining support and traction, within and beyond information security teams.
DevSecOps provides the opportunity to re-work application security processes to align with the rise of cloud-native application development and a much more security-minded business culture,” said Alan Shimel, CEO of Media Ops, DevOps focused events and online publisher. “Given how new and transformative the discipline of DevSecOps is, I was pleased to learn that survey participants are confident they have the funds, talent and culture in place needed to successfully implement it.”
“The main difference between cybersecurity ten years ago and today is that now, it’s becoming everyone’s job to help minimize threats, not just members of the information security team,” said Dror Davidoff, co-founder and CEO of Aqua Security. “DevSecOps in particular is an emerging discipline that, despite the cybersecurity skills shortage and its inherent complexity, is poised to thrive because it relies on shift-left security automation to enable much of the execution as part of the build process. It’s still early days, but right now, DevSecOps is maturing in a culture where multiple stakeholders are highly motivated to do it right.”
Key findings from the survey include:
- 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps
- 57% believe they have the human and financial resources in place to implement DevSecOps
- 62% reported they currently had either a formal or informal DevSecOps team in-house
- 47% reported they are fairly or very mature in their implementation of DevSecOps for application security; another 39% ranked themselves as maturing
When asked to rank the three most important elements of DevSecOps, respondents ranked:
- Applying security across the app lifecycle (61%)
- Automating application security controls (52%)
- Involving DevOps in security processes (43%)
Additionally, respondents were asked about budget trends, with 76% of the sample reporting their application security budget has increased over the past five years, 25% reporting it went up between 10-30%, and 14% sharing that it went up by more than 40%.
“While this survey differs from our 2017 Container Security in the Enterprise Survey, when viewed chronologically, the data sets suggest that there is a rapid progression of DevSecOps,” said Andy Feit, VP Go-To-Market, Aqua Security. “Last year, only 13% of a similar pool of respondents reported they had a DevSecOps team in place; less than a year later, that number has skyrocketed to 62%. As DevSecOps and all the underlying trends that fuel its growth continue to evolve, Aqua remains committed to helping its customers blend strong security with business agility.”
The survey results are available graphically at this address: https://www.aquasec.com/infographic2018
About Aqua Security
Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. Aqua’s Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by Lightspeed Venture Partners, Microsoft Ventures, TLV Partners, and IT security leaders, and is based in Israel and Boston, MA. For more information, visit www.aquasec.com or follow us on twitter.com/AquaSecTeam.