Security News > 2022 > March > The benefits of implementing continuous security in the development lifecycle

The benefits of implementing continuous security in the development lifecycle
2022-03-30 04:00

Wabbi published new research with IDG that finds companies utilizing continuous security have decreased vulnerabilities by 50%. The study focused on the integration of development and security, as well as the benefits of continuous security.

The importance of security integration within the SDLC is clear: 98% of respondents place high importance on integrating security throughout the development lifecycle, yet only 15% report that security is always integrated from the beginning of the development lifecycle.

"To overcome the legacy disconnect between development and security, security must be integrated throughout the development lifecycle," said Brittany Greenfield, CEO, Wabbi.

Current application security processes are creating bottlenecks for all respondents: 53% of respondents cited bottlenecks happening "To some extent," while 47% reported the bottlenecks to a "Great extent." The top reason cited for the bottlenecks was poor collaboration between DevOps and security teams, followed by difficulty in identifying the correct project and feature level security requirements due to complex documentation, and lack of lack of security process orchestration as part of the SDLC/ CI/CD. Only 30% of respondents cited manual processes as a bottleneck in the development process, which showcases a divide between manual processes and all the things that result from them.

While just 31% of respondents have empowered development teams to own application security, these organizations are less likely to report their organizations have released applications with security vulnerabilities in the past year, and are more likely to be provided with security requirements and given opportunities for feedback in the planning stage of the SDLC. Additionally, respondents more often report feedback sharing processes between development and security teams are fully automated.

Respondents cite empowerment of development teams, enablement of real-time collaboration, and reduced security risk as top potential benefits of continuous security strategy.


News URL

https://www.helpnetsecurity.com/2022/03/30/implement-continuous-security/

Related news