DevSecOps offers the promise of significant advancements in both application security and software development programs. When AppSec is tightly integrated with DevOps, creating a consistent and continuous linkage throughout the software development life cycle, vulnerabilities are found and remedied much earlier. This lowers costs and ensures higher security efficacy.
The journey to true DevSecOps requires rethinking the overall governance model for security. And, as part of this, building a culture and establishing consistent processes that allow Security and DevOps to work together to deliver the most secure, high-quality software possible—as quickly as possible. From ownership of AppSec to requirements for DevSecOps to expectations of leadership—people, process and technology are all brought to bear.
To answer all questions related to the state of DevSecOps today—and the outlook for the future—ZeroNorth surveyed 250 security professionals, engineers, developers and other IT pros from organizations involved in some form of application development.