DevSecOps: Developer/DevOps Versus Security Perspectives — U.S. DevSecOps Survey Reveals How Different Audiences View Application Security

Content

• 32 slides

Related Links

• Web Rights
• Referencing Documents

Abstract

This IDC Survey examines the contrasting security versus developer perspectives from a survey of United States–based organizations adopting DevSecOps to improve their overall application security posture. The analysis was based on IDC's U.S. DevSecOps Adoption Survey of over 300 IT professionals, performed in January 2023. This analysis presents selected questions from the larger survey where perceptions between roles were varied and provided insight. The roles examined in this analysis are:

• Dev/DevOps: Includes respondents who self-identified as development/engineering individual contributors, development/engineering leadership (VP/director), development/engineering team leader/manager/supervisor, DevOps individual contributors, DevOps leadership (VP/director), DevOps team leader/manager/supervisor
• DevSecOps: Includes respondents who self-identified as DevSecOps leadership (VP/director), DevSecOps team leader/manager/supervisor
• Security: Includes respondents who self-identified as security individual contributors, security team leader/manager/supervisor, security/cybersecurity leadership (VP/director)

Questions examined include:

• The stage of the software development life cycle in which an organization first incorporates application security testing
• The team ultimately responsible for application security
• The top organizational challenge concerning DevSecOps adoption
• The importance of developer acceptance of using security tooling
• Technical challenges of DevSecOps adoption
• Types of application security breaches experienced within the past 12 months
• Top capabilities when selecting a security tool
• Who influences the selection of security tools
• Who owns the budget for purchasing security tools

Coverage