The ultimate objective of any DevSecOps program is to significantly improve an organization’s security posture and operational effectiveness by aligning the development, security and operations teams. The survey showed that security testing increased at each phase of the build and release workflow.
Developers also need security training to be effective participants in threat modeling, to perform code reviews and to adopt static application security testing (SAST) tools.
The https://www.synopsys.com/software-integrity/resources/analyst-reports/2022-sans-devsecops-survey.html results show that improving communication across development, operations and security remains a key success factor across industry sectors. However, survey respondents continue to consider automating workflows and integrating automated security testing into developer and engineering toolchains as highly important to the success of DevSecOps programs.