Security News > 2022 > August > DevSecOps adoption is low but packing a punch in user organizations
Only 22% of respondent organizations have developed a formal DevSecOps strategy integrating security into software development life cycle processes, a newly released report finds.
Although adoption is low for now, the study also confirms potential growth in the industry with 62% of respondents saying their organization is actively evaluating use cases or has plans to implement DevSecOps.
Of the 200 DevOps and IT/information security professional respondent organizations, the study found that more than half using DevSecOps tools and processes experienced a significant reduction in incidents that occur in production.
Most organizations do not capture certain data sources because of the high cost of storage/retention, which is problematic if there is an incident and the organization has incomplete data for a thorough analysis and/or timely response.
The study shows that 91% of organizations are using multiple tools to get the most value out of their data, which makes it difficult for multiple groups to have access to the data they need to do their jobs.
"DevSecOps has been a challenge because traditional security methods are too disruptive to processes; organizations need solutions that work within developer workflows and tools along with their cloud-native tech stack.