Security News > 2020 > June > Developers agree: Application security processes have a negative impact on productivity
A new survey of developers has found that there isn't a single application security tool that at least 80% of developers said is inhibiting their productivity.
The degree to which various aspects of appsec hinder developer productivity vary from item to item, with the largest hindrance being a disconnect between developer and security workflows.
Integrated developer environment-based security tools were shown to be the least popular, and the survey said that developers "Often disable" tools of that kind.
Developer-centric workflows are the key to improving appsec without sacrificing productivity time, and ShiftLeft said that static application security testing and software composition analysis are two of the better methods for developing dev-centric appsec processes.
The key is to create "Purpose-built developer workflows for developer-centric security tools," freeing devs up to do what they need to do without interrupting their cycles, and letting IT handle the rest of the application security sphere.