Source: devops.com
Survey Surfaces Lots of DevSecOps FrictionCategory: Security
A survey of 560 application security professionals and software developers in North America and Western Europe conducted by WhiteSource, a provider of tools for securing open source software, finds there’s a long way to go before most organizations can claim to have fully implemented best DevSecOps practices. Only 20% of respondents said their organization had a mature set of DevSecOps practices in place, while 62% said they were improving.
While 60% of security professionals said they have had an application security program in place for at least a year, just over a third of developers (37%) said they are aware of an application security program running for longer than a year inside their organization.
Among application security professionals the top DevSecOps challenge identified was vulnerability prioritization (41%), followed by lack of application security skills (35%), budget (34%), lack of cooperation between developers and security teams (31%) and scanning performance (31%).
Many application security professionals said they have one (60%), while only 40% of developers agreed.
While 60% of security professionals said they have had an application security program in place for at least a year, just over a third of developers (37%) said they are aware of an application security program running for longer than a year inside their organization.
Among application security professionals the top DevSecOps challenge identified was vulnerability prioritization (41%), followed by lack of application security skills (35%), budget (34%), lack of cooperation between developers and security teams (31%) and scanning performance (31%).
Many application security professionals said they have one (60%), while only 40% of developers agreed.
Related Articles
Community Partners
DevOps Careers