What is the biggest roadblock implementing DevSecOps practices?
Time and resources
47%
Technology stack is old
13%
Security isn't a priority
4%
Lack of executive buy-in
36%
What is the earliest stage you identify and remediate security issues?
Code (IDE, CLI, etc.)
37%
Commit (VCS)
4%
Build / Deploy (CI/CD)
35%
Running environment
24%
Developers in your organization currently play an active role in:
Infrastructure security
4%
Application security
20%
Both
48%
Neither
28%
Top benefit of embedding security earlier in the dev lifecycle?
Fewer security alerts/vulnerabilities
43%
Enhanced security posture
33%
Quicker security approvals
9%
Faster app deployments
15%
Does your dev team have the needed app security resources?
Yes - Well Equipped
19%
Yes - In most cases
30%
Yes - Somewhat
28%
No - Lacking in most cases
26%
Where are you on your DevSecOps journey?
Organizational adoption
15%
Individual dev team adoption
39%
Piloting or investigating
35%
No plans
11%