Gone are the days when software development was frequently done over many-month release cycles. Moreover, the intricacies of functional needs, integrations, application architecture, development tools, and infrastructure made things quite complicated for faster development cycles. The scenario has completely changed due to agile, scrum, DevOps, and continuous integration and delivery (CI/CD) pipelines that automate the build and code push for quicker frequent application delivery. Here, faster and shorter development cycles ensure business and technical advantages. With new tools and technologies, developers release new codes faster than ever, but security still emerges as an issue. Read this content and go through the findings of GitLab’s fifth annual DevSecOps survey that focus on faster software releases and the responsibility of security teams.
Findings of GitLab’s Fifth Annual DevSecOps Survey
Recently, open DevOps platform GitLab organized its fifth annual DevSecOps survey. The survey questioned 4,300 software professionals on the usage of DevOps tools, and a change in the testing industry by software teams had changed as the industry matured. The most important finding of the survey the growing importance of DevSecOps tools that empower developers to release new code faster. Yet, security still arises as a contentious issue concerning testing, code review, and disagreements between teams. The survey also finds the growing use of DevOps technologies due to the forced adoption of remote work. Now, teams are progressively assimilating automation into the SLDC process to accelerate software releases. The technology also resulted in more time saving for developers.
- About 84% of developers were happy with releasing code faster than before.
- 57% of developers agree with a significant jump in the code release.
- About 19% of developers think code release was 10x faster.
- About 21% of developers credited source code management in their DevOps practices to speed up things.
- About 18% honored continuous integration (CI), and 13% credited continuous delivery (CD) for faster development.
- 12% of developers think that the addition of the DevOps platform brought a significant change. 10% still find automated testing effective.
- 25% of developers are using full test automation; 28% announced being halfway to full automation.
Security Ownership and DevOps Survey
The survey also uncovers code review, planning, code development, and security testing issues for DevOps professionals. Security has been a severe concern between the security teams and developers. Although developers take on security tasks, yet development teams still feel not satisfied. About 42% of developers found the testing was happening too late in SDLC. About 1/3rd the participants of the survey admit the tracking of bug fixes as a big development headache. About 30% of developers welcome the use of AI and ML in software development.
Here, Johnathan Hunt, vice president of security at open platform GitLab, talks about sharing responsibility between security, developer, and operations teams. “While the industry has continued integrating security into development, and organizations are beginning to improve security overall, our research shows that a more clear delineation of responsibilities and adoption of new tools is required to completely shift security left,” he said.
“In the future, we hope to see security teams find more ways to layout clear expectations for the other members of their organization and continue to adopt innovative technologies for scanning and code reviews to improve speed and quality of development cycles,” he added.
Summing Up
To properly handle the issue and make the most out of DevSecOps, it is essential to have balanced and responsible coordination between security, developer, and operations teams. When it comes to getting quality DevOps solutions, enterprises need to bank upon cloud and DevOps experts. These experts offer quality DevOps consulting solutions to build, test, and release software faster and reliably using CI/CD pipeline automation across cloud platforms
GitLab’s fifth annual DevSecOps survey shows the growing importance of DevOps technology. Enterprises looking for better software releases can expect more from experts through the following services: Deployment automation, CI/CD, system quality automation, code quality assurance, and infrastructure provisioning.
Ref:
https://about.gitlab.com/press/releases/2021-05-04-gitlab-global-devsecops-survey.html
DevOps is getting code released faster than ever. But security is lagging behind
While development teams are releasing code faster, security remains an issue
