Snyk’s State of DevSecOps 2020
48% of those surveyed see security as a major constraint on the ability to deliver software quickly
Snyk recently published its “DevSecOps Insights 2020” report, building on Puppet’s State DevOps 2019 published last August, which used a proprietary dataset of five hundred respondents.
So it is a bit of Snyk on top of a tad of Puppet. We already knew in 2019 that 79% of organizations are in the thick of their DevOps journey and security is a major reason teams get ‘stuck in the middle’.
Even though the report is a mixture of other reports, it still reinforces the message and is a worthwhile read.
Execution of DevOps is key to enabling DevSecOps
In the DevSecOps world, an organization must rely on automation as a foundation and empower engineers to collaborate across different departments to take responsibility for improved security.
Some of the important points Snyk highlights include:
- 48% of respondents see security a major constraint on the ability to deliver software quickly.
- 81% of the respondents believe developers should own security, but that they lack skills to do so.
Why is that? Well, for instance
- Only 14% [of developers] test for known vulnerabilities in their container images.