"DevSecOps Delivers Significant Results but Take up Remains Low"

According to a new report from Mezmo, only 22 percent of organizations have developed a formal DevSecOps strategy that integrates security into software development lifecycle processes. A large percentage of those with a strategy report a positive impact on accelerating incident detection (95 percent) and response (96 percent) efforts. The report, which is based on a survey of 200 DevOps and IT/information security professionals conducted by analyst firm ESG, shows that over half of the respondent organizations using DevSecOps tools and processes experienced a significant reduction in production incidents. Despite the low adoption rate, 62 percent of respondents say their organization is actively evaluating use cases or plans to implement DevSecOps. Companies believe fostering a collaborative culture and encouraging developers to use security best practices are nearly as important as implementing DevSecOps tools. According to Melinda Marks, senior analyst at ESG, as organizations adopt modern software development processes that leverage cloud platforms, they are looking to incorporate security processes and controls into developer workflows. Of the respondents, 84 percent of respondents said providing the right data and tools to developers is critical for success, but as organizations increase the speed and volume of releases to serve more customers, massive amounts of data are being collected. This article continues to discuss key findings from Mezmo's report surrounding DevSecOps adoption. 

BetaNews reports "DevSecOps Delivers Significant Results but Take up Remains Low"