Sonatype , profile picture
Uploaded bySonatype
685 views

2017 DevSecOps Survey

More organizations are adopting mature DevOps practices, with 26% having mature practices and 41% improving. Those with mature practices are more likely to automate security testing in their CI/CD pipelines. While container security is a top concern, many organizations may not have the necessary governance policies for managing open source components, which pose a growing risk of security breaches.

Embed presentation

Downloaded 35 times
DOWLOAD FULL SURVEY DOWLOAD FULL SURVEY 41 % are improving their maturity. 26 % have mature DevOps practices 2,292people shared their views with us this year. 58 % with mature DevOps practices have automated security testing with CI/CD compared to 39% of all survey participants. Mature DevOps practices automate security early and everyhwere. Container Concerns DevSecOps Scales DevOps is on the Rise 19 % 43 % 51 %60 % Design / Architecture Development In ProductionDuring QA/Test 88 % say security is a top concern when deploying containers 53 % have security products to address this concern yet only 80% to 90% of a typical application is composed of components. But only 57 % have open source governance policies to keep “bad” components out of their software supply chains 50% increase in verified or suspected breaches related to open source components from 2014-2017

More Related Content

PPTX
What Is DevOps?
bySoumya De
 
PDF
DevOps: A Culture Transformation, More than Technology
byCA Technologies
 
PPTX
DevOps Foundation
byHomepree Rloy
 
PPTX
DevOps in Practice
byDerek Chen
 
PPTX
Devops
byDaniel Fikre
 
PDF
What is DevOps? - ITSM Academy Webinar
byITSM Academy, Inc.
 
PPTX
DevOps explained
byJérôme Kehrli
 
PDF
Developing a Testing Strategy for DevOps Success
byDevOps.com
 
What Is DevOps?
bySoumya De
 
DevOps: A Culture Transformation, More than Technology
byCA Technologies
 
DevOps Foundation
byHomepree Rloy
 
DevOps in Practice
byDerek Chen
 
Devops
byDaniel Fikre
 
What is DevOps? - ITSM Academy Webinar
byITSM Academy, Inc.
 
DevOps explained
byJérôme Kehrli
 
Developing a Testing Strategy for DevOps Success
byDevOps.com
 

What's hot

PPTX
Introduction to devops
byUtpalenduChakrobortt1
 
PPTX
Enabling The DevOps Culture At Organization
byIndia Scrum Enthusiasts Community
 
PDF
Introduction to DevOps
byRavindu Fernando
 
PPTX
DevOps
byYoshan madhumal
 
PDF
Diving Deeper into DevOps Deployments
byJules Pierre-Louis
 
PPTX
How to get started with DevOps
byRed Gate Software
 
PDF
devops
bySomkiat Puisungnoen
 
PPTX
Devops
bylakmal123
 
PPTX
Introduction to DevOps
byMatthew David
 
PDF
DevOps-Redefining your IT Strategy-28thJan15
byEdureka!
 
PPTX
Building DevOps Toolchain
byIBM UrbanCode Products
 
PPTX
DevOps Workshop, DevOps for DoD Professionals
byTonex
 
PDF
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
byZeroTurnaround
 
PDF
The State of DevOps Tools: A Primer
byDevOps.com
 
PDF
Integrating Automated Testing into DevOps
byTechWell
 
PPTX
Introduction to DevOps
byFrancesco Garavaglia
 
PPTX
Introduction To DevOps | Devops Tutorial For Beginners | DevOps Training For ...
bySimplilearn
 
PPTX
DevOps Challenges and Best Practices
byBrian Chorba
 
PPTX
DevOps: IT's Automation Revolution
byIBM UrbanCode Products
 
PDF
Devops at SlideShare: Talk at Devopsdays Bangalore 2011
byKapil Mohan
 
Introduction to devops
byUtpalenduChakrobortt1
 
Enabling The DevOps Culture At Organization
byIndia Scrum Enthusiasts Community
 
Introduction to DevOps
byRavindu Fernando
 
DevOps
byYoshan madhumal
 
Diving Deeper into DevOps Deployments
byJules Pierre-Louis
 
How to get started with DevOps
byRed Gate Software
 
devops
bySomkiat Puisungnoen
 
Devops
bylakmal123
 
Introduction to DevOps
byMatthew David
 
DevOps-Redefining your IT Strategy-28thJan15
byEdureka!
 
Building DevOps Toolchain
byIBM UrbanCode Products
 
DevOps Workshop, DevOps for DoD Professionals
byTonex
 
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
byZeroTurnaround
 
The State of DevOps Tools: A Primer
byDevOps.com
 
Integrating Automated Testing into DevOps
byTechWell
 
Introduction to DevOps
byFrancesco Garavaglia
 
Introduction To DevOps | Devops Tutorial For Beginners | DevOps Training For ...
bySimplilearn
 
DevOps Challenges and Best Practices
byBrian Chorba
 
DevOps: IT's Automation Revolution
byIBM UrbanCode Products
 
Devops at SlideShare: Talk at Devopsdays Bangalore 2011
byKapil Mohan
 

Similar to 2017 DevSecOps Survey

PPTX
Secure DevOPS Implementation Guidance
byTej Luthra
 
PPTX
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
byPuppet
 
PDF
Strengthen and Scale Security for a dollar or less
byMohammed A. Imran
 
PDF
The Rise of DevSecOps in CI_CD Workflows.pdf
byyour techdigest
 
PPTX
What is DevOps? What is DevOps CoE?
by7Targets AI Sales Assistants
 
PPTX
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
byJAXLondon_Conference
 
PDF
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
byMohammed A. Imran
 
PDF
DevOps stats 2021.pdf
byForte Group
 
PPTX
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
byDaniel Bryant
 
PPTX
You Build It, You Secure It: Introduction to DevSecOps
bySumo Logic
 
PPTX
ISACA Ireland Keynote 2015
byShannon Lietz
 
PDF
DevSecOps: The Open Source Way
byBlack Duck by Synopsys
 
PDF
AtlassianDevOpsTrendsSurvey2020.pdf
byPrasannaKumarN8
 
PPTX
What it feels like to live in a Security Enabled DevOps World
byKarun Chennuri
 
PPTX
DevOps Roadtrip - Denver
byVictorOps
 
PPTX
DevOps 101 - Moving Fast with Confidence
byNew Relic
 
PPTX
DevOps State of the Union 2015
byErnest Mueller
 
PDF
Scale security for a dollar or less
byMohammed A. Imran
 
PDF
State of the Cloud DevOps Trends
byRightScale
 
PDF
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
byDaniel Oh
 
Secure DevOPS Implementation Guidance
byTej Luthra
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
byPuppet
 
Strengthen and Scale Security for a dollar or less
byMohammed A. Imran
 
The Rise of DevSecOps in CI_CD Workflows.pdf
byyour techdigest
 
What is DevOps? What is DevOps CoE?
by7Targets AI Sales Assistants
 
DevOps and the cloud: all hail the (developer) king - Daniel Bryant, Steve Poole
byJAXLondon_Conference
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
byMohammed A. Imran
 
DevOps stats 2021.pdf
byForte Group
 
JAXLondon 2015 "DevOps and the Cloud: All Hail the (Developer) King"
byDaniel Bryant
 
You Build It, You Secure It: Introduction to DevSecOps
bySumo Logic
 
ISACA Ireland Keynote 2015
byShannon Lietz
 
DevSecOps: The Open Source Way
byBlack Duck by Synopsys
 
AtlassianDevOpsTrendsSurvey2020.pdf
byPrasannaKumarN8
 
What it feels like to live in a Security Enabled DevOps World
byKarun Chennuri
 
DevOps Roadtrip - Denver
byVictorOps
 
DevOps 101 - Moving Fast with Confidence
byNew Relic
 
DevOps State of the Union 2015
byErnest Mueller
 
Scale security for a dollar or less
byMohammed A. Imran
 
State of the Cloud DevOps Trends
byRightScale
 
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
byDaniel Oh
 

More from Sonatype

PPTX
DevOps Days Columbus - Derek Weeks - 2019
bySonatype
 
PDF
2019 DevSecOps Reference Architectures
bySonatype
 
PDF
RSAC DevSecOpsDays 2018 - We are all Equifax
bySonatype
 
PPTX
DevSecOps reference architectures 2018
bySonatype
 
PDF
30+ Nexus Integrations to Accelerate DevOps
bySonatype
 
PPTX
Starting and Scaling DevOps In the Enterprise
bySonatype
 
PPTX
DevOps Friendly Doc Publishing for APIs & Microservices
bySonatype
 
PDF
The Unrealized Role of Monitoring & Alerting w/ Jason Hand
bySonatype
 
PPTX
DevOps and All the Continuouses w/ Helen Beal
bySonatype
 
PDF
Serverless and the Way Forward
bySonatype
 
PDF
A Small Association's Journey to DevOps w/ Edward Ruiz
bySonatype
 
PDF
What's My Security Policy Doing to My Help Desk w/ Chris Swan
bySonatype
 
PDF
Characterizing and Contrasting Kuhn-tey-ner Awr-kuh-streyt-ors
bySonatype
 
PDF
Static Analysis For Security and DevOps Happiness w/ Justin Collins
bySonatype
 
PDF
Automated Infrastructure Security: Monitoring using FOSS
bySonatype
 
PDF
System Hardening Using Ansible
bySonatype
 
PDF
There is No Server: Immutable Infrastructure and Serverless Architecture
bySonatype
 
PDF
Getting out of the Job Jungle with Jenkins
bySonatype
 
PDF
Modern Infrastructure Automation
bySonatype
 
PDF
Continuous Everyone: Engaging People Across the Continuous Pipeline
bySonatype
 
DevOps Days Columbus - Derek Weeks - 2019
bySonatype
 
2019 DevSecOps Reference Architectures
bySonatype
 
RSAC DevSecOpsDays 2018 - We are all Equifax
bySonatype
 
DevSecOps reference architectures 2018
bySonatype
 
30+ Nexus Integrations to Accelerate DevOps
bySonatype
 
Starting and Scaling DevOps In the Enterprise
bySonatype
 
DevOps Friendly Doc Publishing for APIs & Microservices
bySonatype
 
The Unrealized Role of Monitoring & Alerting w/ Jason Hand
bySonatype
 
DevOps and All the Continuouses w/ Helen Beal
bySonatype
 
Serverless and the Way Forward
bySonatype
 
A Small Association's Journey to DevOps w/ Edward Ruiz
bySonatype
 
What's My Security Policy Doing to My Help Desk w/ Chris Swan
bySonatype
 
Characterizing and Contrasting Kuhn-tey-ner Awr-kuh-streyt-ors
bySonatype
 
Static Analysis For Security and DevOps Happiness w/ Justin Collins
bySonatype
 
Automated Infrastructure Security: Monitoring using FOSS
bySonatype
 
System Hardening Using Ansible
bySonatype
 
There is No Server: Immutable Infrastructure and Serverless Architecture
bySonatype
 
Getting out of the Job Jungle with Jenkins
bySonatype
 
Modern Infrastructure Automation
bySonatype
 
Continuous Everyone: Engaging People Across the Continuous Pipeline
bySonatype
 

Recently uploaded

PDF
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
PDF
Mulesoft Meetup Online Portuguese: MCP e IA
byPedro Baroni
 
PPTX
Guardrails in Action - Ensuring Safe AI with Azure AI Content Safety.pptx
byUdaiappa Ramachandran
 
PDF
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
PDF
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
PDF
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
PPTX
MuleSoft AI Series : Introduction to MCP
byMulesoftMunichMeetup
 
PDF
Parallel Computing BCS702 Module notes of the vtu college 7th sem 4.pdf
byMatheshVishnu
 
PDF
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
PDF
Crane Accident Prevention Guide: Key OSHA Regulations for Safer Operations
bySharpEagle Technology
 
PPTX
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
PDF
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
PDF
"DISC as GPS for team leaders: how to lead a team from storming to performing...
byFwdays
 
PDF
Lets Build a Serverless Function with Kiro
byChris Bingham
 
PDF
5 Common Supply Chain Attacks and How They Work | CyberPro Magazine
byCyberPro Magazine
 
PDF
[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...
byWintari Yasmin
 
PDF
Cybersecurity Prevention and Detection: Unit 2
byVICTOR MAESTRE RAMIREZ
 
PPTX
UFCD 0797 - SISTEMAS OPERATIVOS_Unidade Completa.pptx
byscribddobruno
 
PDF
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
PDF
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
Mulesoft Meetup Online Portuguese: MCP e IA
byPedro Baroni
 
Guardrails in Action - Ensuring Safe AI with Azure AI Content Safety.pptx
byUdaiappa Ramachandran
 
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
MuleSoft AI Series : Introduction to MCP
byMulesoftMunichMeetup
 
Parallel Computing BCS702 Module notes of the vtu college 7th sem 4.pdf
byMatheshVishnu
 
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
Crane Accident Prevention Guide: Key OSHA Regulations for Safer Operations
bySharpEagle Technology
 
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
"DISC as GPS for team leaders: how to lead a team from storming to performing...
byFwdays
 
Lets Build a Serverless Function with Kiro
byChris Bingham
 
5 Common Supply Chain Attacks and How They Work | CyberPro Magazine
byCyberPro Magazine
 
[BDD 2025 - Full-Stack Development] The Modern Stack: Building Web & AI Appli...
byWintari Yasmin
 
Cybersecurity Prevention and Detection: Unit 2
byVICTOR MAESTRE RAMIREZ
 
UFCD 0797 - SISTEMAS OPERATIVOS_Unidade Completa.pptx
byscribddobruno
 
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 

2017 DevSecOps Survey

  • 1.
    DOWLOAD FULL SURVEY DOWLOADFULL SURVEY 41 % are improving their maturity. 26 % have mature DevOps practices 2,292people shared their views with us this year. 58 % with mature DevOps practices have automated security testing with CI/CD compared to 39% of all survey participants. Mature DevOps practices automate security early and everyhwere. Container Concerns DevSecOps Scales DevOps is on the Rise 19 % 43 % 51 %60 % Design / Architecture Development In ProductionDuring QA/Test 88 % say security is a top concern when deploying containers 53 % have security products to address this concern yet only 80% to 90% of a typical application is composed of components. But only 57 % have open source governance policies to keep “bad” components out of their software supply chains 50% increase in verified or suspected breaches related to open source components from 2014-2017