On Wednesday, Puppet announced the findings of its eighth annual State of DevOps Report. This report reveals practices and patterns that can help organisations in integrating security into the software development lifecycle.
As per Puppet’s 2019 State of DevOps Report, 22% of the firms at the highest level of security integration has reached an advanced stage of DevOps maturity, while 6% of the firms are without security integration.
While talking about the firms with an overall ‘significant to full’ integration status, according to the report findings, Europe is ahead of the Asia Pacific regions and the US with 43% in contrast to 38% or less.
Alanna Brown, Senior Director of Community and Developer Relations at Puppet and author of the State of DevOps report, said, “The DevOps principles that drive positive outcomes for software development — culture, automation, measurement and sharing — are the same principles that drive positive security outcomes. Organisations that are serious about improving their security practices and posture should start by adopting DevOps practices.”
Brown added, “This year’s report affirms our belief that organisations who ignore or deprioritise DevOps, are the same companies who have the lowest level of security integration and who will be hit the hardest in the case of a breach.”
Michael Stahnke, VP of Platform Engineering, CircleCI, said, “It shouldn’t be a surprise to anyone that integrating security into the software delivery lifecycle requires intentional effort and deep collaboration across teams.”
Stahnke added, “What did surprise me, however, was that the practices that promote cross-team collaboration had the biggest impact on the teams’ confidence in the organisation’s security posture. Turns out, empathy and trust aren’t automatable.”
Andrew Plato, CEO, Anitian, said, “Puppet’s State of DevOps report provides outstanding insights into the ongoing challenges of integrating security and DevOps teams.”
Plato added, “While the report outlines many problems, it also highlights the gains that arise when DevOps and security are fully integrated. These benefits include increased security effectiveness, more robust risk management, and tighter alignment of business and security goals. These insights mirror our experiences at Anitian implementing our security automation platform. We are proud to be a sponsor of the State of DevOps report as well as a technology partner with Puppet. We anticipate referencing this report regularly in our engagement with our customers as well as the DevOps and security communities.”
To summarize, organizations that are focusing on improving their security posture and practices should adopt DevOps practices just as the organizations at the highest levels of DevOps acceptance have fully integrated security practices.
Check out the complete 2019 State of DevOps Report here.
I remember deciding to pursue my first IT certification, the CompTIA A+. I had signed…
Key takeaways The transformer architecture has proved to be revolutionary in outperforming the classical RNN…
Once we learn how to deploy an Ubuntu server, how to manage users, and how…
Key-takeaways: Clean code isn’t just a nice thing to have or a luxury in software projects; it's a necessity. If we…
While developing a web application, or setting dynamic pages and meta tags we need to deal with…
Software architecture is one of the most discussed topics in the software industry today, and…