Snyk’s State of DevSecOps 2020

Feb 12, 2020

48% of those surveyed see security as a major constraint on the ability to deliver software quickly

Snyk recently published its “DevSecOps Insights 2020” report, building on Puppet’s State DevOps 2019 published last August, which used a proprietary dataset of five hundred respondents.

So it is a bit of Snyk on top of a tad of Puppet. We already knew in 2019 that 79% of organizations are in the thick of their DevOps journey and security is a major reason teams get ‘stuck in the middle’.

Even though the report is a mixture of other reports, it still reinforces the message and is a worthwhile read.

Execution of DevOps is key to enabling DevSecOps

In the DevSecOps world, an organization must rely on automation as a foundation and empower engineers to collaborate across different departments to take responsibility for improved security.

Important points

Some of the important points Snyk highlights include:

  • 48% of respondents see security a major constraint on the ability to deliver software quickly.
  • 81% of the respondents believe developers should own security, but that they lack skills to do so.

Why is that? Well, for instance

  • Only 14% [of developers] test for known vulnerabilities in their container images.

Have a good read !