Research Reveals Global Growth of Secure DevOps
New research from Secure Code Warrior ®, the global secure coding company, has revealed an attitudinal shift in the software development industry, with organisations bucking traditional practices for DevOps and Secure DevOps.
The global survey of professional developers and their managers found seven in 10 organisations (70%) recognise the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.
Dr. Matias Madou, Chief Technology Officer and Co-Founder at Secure Code Warrior, said, “We are seeing a fundamental shift in mindsets across the world, as the industry slowly moves from reactive, band-aid solutions rolled out after a breach, to the proactive and human-led practice of writing quality software that is intrinsically free from vulnerabilities right from the very first keystroke.”
“This research shows that ‘secure code’ is becoming synonymous with ‘quality code’ within software development, and security is becoming the responsibility of development teams and leaders—not just AppSec professionals,” he said.
Secure coding seen as ‘reactive’
Reactive practices like using tools on deployed applications and manually reviewing code for vulnerabilities were the top two practices respondents associated with coding securely. However, a proactive shift in mindset was evidenced across the globe, with more than half (55%) of the developers surveyed also recognising secure coding as the active, ongoing practice of writing software protected from vulnerabilities.
Managers and developers are misaligned
Over half (55%) of managers surveyed said secure coding was practised and integrated throughout the entire development process, compared to only 43% of developers. Conversely, 36% of developers consider secure coding during development but not the design phase, as opposed to under one-third (32%) of managers.
Secure code an increasing indicator of success
While those surveyed identified ‘application performance’ and ‘functionality and features’ as the most common success metrics within software development (67% and 62% respectively), almost four in five (79%) respondents said the importance of ‘secure code’ was growing in prominence.
Application security is shifting
Almost half of respondents (46%) said development leads and teams should be responsible for application security rather than AppSec teams (24%). Over eight in 10 (81%) developers surveyed said they were accountable for any vulnerable code produced.
Developers motivated to upskill
‘Increased productivity and efficiency’, ‘curiosity’ and ‘avoiding problems caused by insecure code’ were identified as the leading intrinsic motivators to learn secure coding (20%, 14% and 11% respectively). Despite only 10% of respondents listing career advancement as a personal motivator, four in five (81%) managers were more likely to hire talent with secure coding skills.
More training is needed
91% of managers surveyed said they faced greater than average difficulty when implementing secure coding practices within their organisation, despite the overwhelming majority of respondents (97%) believing they were sufficiently trained. Perhaps, this is because almost nine in 10 (88%) developers surveyed said coding securely was challenging.
Madou added, “With OWASP’s Top 10 software vulnerabilities causing more security breaches over the past two decades than any others, now is the time for businesses to upskill developers to gain the knowledge and skills needed to stamp out insecure code and prevent issues from occurring in the first place.”
“Code is at the heart of everyday interactions, and Secure Code Warrior is focused on championing security-skilled developers who can create amazing, safe software for our connected world.”
To gain early access to the report, ‘Shifting from reaction to prevention: The changing face of application security 2021’, register your interest at scw.buzz/earlyaccess
Methodology
Secure Code Warrior® commissioned Evans Data Corporation, the market intelligence leader within the IT industry, to conduct a global survey of developers and decision-makers actively engaged in software development. In August 2020, 400 respondents were surveyed across North America, India, the United Kingdom, Europe, Australia, New Zealand and South-East Asia.
About Secure Code Warrior
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making secure coding a positive and engaging experience for developers as they increase their software security skills, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Learn more at securecodewarrior.com.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20210323006113/en/
Contact information
For media enquiries, to access the full report or arrange an interview:
Carly Ryan, Hotwire
E: securecodewarrior@hotwireglobal.com
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
NIQ and Displayce Collaborate to Bring Sales Lift Measurement to Europe’s DOOH Advertising Market16.9.2025 19:00:00 EEST | Press release
NIQ, a leading consumer intelligence company, and Displayce, a pioneering specialist technology suite for Out-of-Home advertising, are collaborating to bring advanced measurement capabilities to the European DOOH market. By combining NIQ’s trusted consumer intelligence with data from Displayce’s media activation platform, advertisers can link DOOH campaigns to in-store sales performance — driving transparency and accountability across the DOOH ecosystem. NIQ has long been a trusted source of consumer purchase insights for manufacturers and retailers, capturing the buying behavior of millions of households across more than 90 countries. Now, NIQ is extending its expertise and insights into the media ecosystem, empowering advertisers and agencies with new data assets and measurement solutions to improve their understanding of consumers and drive better ROI. Through the collaboration, NIQ and Displayce are driving the DOOH ecosystem toward more addressable, transparent, and results-driven
Andersen Consulting Expands Cybersecurity and Technology Offering with Addition of Move16.9.2025 16:30:00 EEST | Press release
Andersen Consulting has entered into a Collaboration Agreement with Move, a leader in IT infrastructure, managed services, and enterprise digital solutions with a presence in Norway and Sweden. Founded in 1989, Move provides consulting services, IT solutions, and managed services. The firm’s expertise spans cybersecurity, cloud solutions, server and storage solutions, network communications, and AI adoption. Move works with medium- and large-sized companies to design, implement, and operate secure, scalable, and future-ready IT environments. "This collaboration represents an exciting opportunity to create even greater value for our clients," said Roald Sannæs, managing director of Move. "With our capabilities and Andersen Consulting’s global reach and expertise, we can deliver more holistic solutions, helping organizations solve today’s challenges and anticipate tomorrow’s opportunities." "Move has earned a strong reputation in Norway for its technical excellence and commitment to clie
Capcom’s Resident Evil Requiem , the Latest Title in the Series, Also Coming to Nintendo Switch 2 on February 27, 2026!16.9.2025 16:00:00 EEST | Press release
Capcom Co., Ltd. (TOKYO:9697) today announced that Resident Evil Requiem, the latest title in the Resident Evil series scheduled for release on February 27, 2026, for PlayStation®5 system, Xbox Series X|S, and PC, will also be released for Nintendo Switch™ 2 at launch. In addition, Resident Evil 7 biohazard and Resident Evil Village, two other titles in the series, will also be released for Nintendo Switch 2 on the same date. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250916064724/en/ Resident Evil Requiem Key Art Resident Evil Requiem is a survival horror game that serves as the ninth main installment in the series. The title is being developed using RE ENGINE, Capcom’s proprietary game engine, and leverages Capcom’s extensive development experience cultivated over numerous hit titles. Also, at Gamescom 2025, Europe’s largest gaming trade show held in Germany in August, the title already garnered significant acclaim pri
Aker BP Leverages Cognite Atlas AI™ to Pioneer an AI-First Future in Exploration and Production16.9.2025 16:00:00 EEST | Press release
Aker BP, one of Europe's largest independent oil companies, and Cognite, the global leader in industrial AI, deepen their strategic partnership through the expanded adoption of Cognite Atlas AI™,harnessing the power of AI agents to improve efficiency, reduce costs, and elevate productivity. This enhanced collaboration puts Aker BP at the forefront of leveraging agentic AI to drive significant value and transform its operations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250903134233/en/ Aker BP Leverages Cognite Atlas AI™ to Pioneer an AI-First Future in Exploration and Production Aker BP's "AI-first strategy" was developed to help lead the energy sector into a data-driven future by seamlessly integrating AI applications within industrial settings and business objectives to innovate and deliver results across the business. This includes automating complex processes and allowing engineers to easily access industrial exper
GlobalPlatform to Drive Next Phase of Growth for PSA Certified, Accelerating Security Adoption16.9.2025 16:00:00 EEST | Press release
GlobalPlatform announced today it will assume governance of PSA Certified, the global security certification scheme launched by Arm and key partners in 2019. In this next phase of growth, GlobalPlatform—the global standards organization for secure digital services and devices—will drive further collaboration, broader industry participation, and greater regulatory alignment for PSA Certified. Since its launch, PSA Certified has become a globally adopted framework that helps manufacturers and developers build secure connected products based on a Root of Trust. It aligns key security components—such as device identity, cryptography, attestation, and secure boot—with certification needs, regulatory requirements, and global best practices. To date, more than 250 products — spanning silicon, software, and devices—have been certified under the scheme. Under the terms of the agreement, PSA Certified will continue to evolve under the direction of a new Working Group within GlobalPlatform, which
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom