Many questions emerge as the topic of DevSecOps is volleyed about. First, confusion exists in terms of understanding what it actually means to get to true DevSecOps. While the focus is often centered (and misplaced) on tools, achieving true DevSecOps does not necessarily mean adding more tools to a portfolio. Rather, the journey to true DevSecOps requires rethinking the overall governance model for security. And, as part of this, building a culture and establishing consistent processes that allow Security and DevOps to work together to deliver the most secure, high quality software possible – as quickly as possible. From ownership of AppSec to requirements for DevSecOps to expectations of leadership—people, process and technology are all brought to bear.
To unpack these and more questions related to the state of DevSecOps today—and the outlook for the future—ZeroNorth surveyed 250 security professionals, engineers, developers and other IT pros from organizations involved in some form of application development. Fill in this form to download the report.