Research Reveals Global Growth of Secure DevOps
New research from Secure Code Warrior ®, the global secure coding company, has revealed an attitudinal shift in the software development industry, with organisations bucking traditional practices for DevOps and Secure DevOps.
The global survey of professional developers and their managers found seven in 10 organisations (70%) recognise the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.
Dr. Matias Madou, Chief Technology Officer and Co-Founder at Secure Code Warrior, said, “We are seeing a fundamental shift in mindsets across the world, as the industry slowly moves from reactive, band-aid solutions rolled out after a breach, to the proactive and human-led practice of writing quality software that is intrinsically free from vulnerabilities right from the very first keystroke.”
“This research shows that ‘secure code’ is becoming synonymous with ‘quality code’ within software development, and security is becoming the responsibility of development teams and leaders—not just AppSec professionals,” he said.
Secure coding seen as ‘reactive’
Reactive practices like using tools on deployed applications and manually reviewing code for vulnerabilities were the top two practices respondents associated with coding securely. However, a proactive shift in mindset was evidenced across the globe, with more than half (55%) of the developers surveyed also recognising secure coding as the active, ongoing practice of writing software protected from vulnerabilities.
Managers and developers are misaligned
Over half (55%) of managers surveyed said secure coding was practised and integrated throughout the entire development process, compared to only 43% of developers. Conversely, 36% of developers consider secure coding during development but not the design phase, as opposed to under one-third (32%) of managers.
Secure code an increasing indicator of success
While those surveyed identified ‘application performance’ and ‘functionality and features’ as the most common success metrics within software development (67% and 62% respectively), almost four in five (79%) respondents said the importance of ‘secure code’ was growing in prominence.
Application security is shifting
Almost half of respondents (46%) said development leads and teams should be responsible for application security rather than AppSec teams (24%). Over eight in 10 (81%) developers surveyed said they were accountable for any vulnerable code produced.
Developers motivated to upskill
‘Increased productivity and efficiency’, ‘curiosity’ and ‘avoiding problems caused by insecure code’ were identified as the leading intrinsic motivators to learn secure coding (20%, 14% and 11% respectively). Despite only 10% of respondents listing career advancement as a personal motivator, four in five (81%) managers were more likely to hire talent with secure coding skills.
More training is needed
91% of managers surveyed said they faced greater than average difficulty when implementing secure coding practices within their organisation, despite the overwhelming majority of respondents (97%) believing they were sufficiently trained. Perhaps, this is because almost nine in 10 (88%) developers surveyed said coding securely was challenging.
Madou added, “With OWASP’s Top 10 software vulnerabilities causing more security breaches over the past two decades than any others, now is the time for businesses to upskill developers to gain the knowledge and skills needed to stamp out insecure code and prevent issues from occurring in the first place.”
“Code is at the heart of everyday interactions, and Secure Code Warrior is focused on championing security-skilled developers who can create amazing, safe software for our connected world.”
To gain early access to the report, ‘Shifting from reaction to prevention: The changing face of application security 2021’, register your interest at scw.buzz/earlyaccess
Secure Code Warrior® commissioned Evans Data Corporation, the market intelligence leader within the IT industry, to conduct a global survey of developers and decision-makers actively engaged in software development. In August 2020, 400 respondents were surveyed across North America, India, the United Kingdom, Europe, Australia, New Zealand and South-East Asia.
About Secure Code Warrior
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making secure coding a positive and engaging experience for developers as they increase their software security skills, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Learn more at securecodewarrior.com.
For media enquiries, to access the full report or arrange an interview:
Carly Ryan, Hotwire
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
iProov Face Verification Selected by itsme® to Support Global Expansion20.4.2021 08:00:00 EEST | Press release
British company iProov has today announced that European digital identity leader, itsme®, has selected iProov’s Genuine Presence Assurance® technology to support its global expansion. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210419006005/en/ iProov's Genuine Presence Assurance® technology enables enterprises to securely verify the identity of customers online. (Photo: Business Wire) Launched in 2017 by qualified trust service provider, Belgian Mobile ID, itsme® is Belgium's digital identity app. It is currently used by more than 35% of the Belgian population and is relied on by more than 150 companies in the private sector (banks, insurance companies etc) and by the Belgian government. From now, users in the Netherlands will also have access to itsme®’s trusted ID solution and will be able to securely authenticate themselves and onboard to digital services. iProov will verify the faces of new users, whatever their mobi
Sale of 60.5% of ENGIE EPS by ENGIE to TCC: ENGIE EPS to Become NHOA20.4.2021 08:00:00 EEST | Press release
Regulatory News: This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210419005984/en/ (Photo: Business Wire) ENGIE has announced the signing of a Sale Purchase Agreement with Taiwanese company TCC for its 60.5% stake in the share capital of ENGIE EPS (Paris:EPS). TCC, with an over $10 billion market capitalization, is one of the pre-eminent industrial groups in Asia, with activities in battery manufacturing, cement production, power generation, environmental services, chemicals, logistics and infrastructures. TCC has been very active in recent years in developing renewable energy and energy storage systems. The completion of the transaction, executed at Euro 17.10 per share, corresponding to an aggregate consideration of Euro 132 million and an implied Enterprise Value of over Euro 240 million, will be followed, in accordance with applicable regulations, by the filing of an all-cash simplified mandatory tender offer for all outst
Beeline Russia and P.I. Works Expand Partnership Scope with Automated Radio Access Network Planning20.4.2021 08:00:00 EEST | Press release
Beeline, Russia’s established mobile operator, has partnered with P.I. Works on network planning project, aimed at streamlining the operator’s investment planning processes and revolutionizing customer experience. As a part of the project, P.I. Works SmartPlan, the cutting-edge automated and AI driven network planning solution, will be deployed nationwide. Prior to this agreement, P.I. Works provided network planning services for Beeline, which exemplified the SmartPlan’s Return on Investment and Service Quality based planning capabilities. This initial project covered three of Russia’s branches, Moscow, Krasnodar and Novosibirsk, and optimized investments by 19% for high-level technical calculations and resulted in a reduction of 23% of the number of planned sites with LTE extensions. These results highlight the investments that Beeline Russia is making in data networks, and supports the possibility of improving time-to-market, thereby paving the way to a nationwide full-scale automat
LG Chem to Accelerate the Advancement Into the Promising Carbon Nanotubes Market20.4.2021 08:00:00 EEST | Press release
LG Chem (KRX: 051910) has launched the largest Carbon Nanotube (CNT) manufacturing plant in Korea. The company is actively targeting the rapidly growing CNT market, widely used as the material for cathodes in electric vehicle batteries. On April 14th, LG Chem announced that the 1,200 metric tons (MT) expansion of Yeosu CNT 2nd Plant was completed and has begun the commercial operations. Combined with the existing 500 MT which started its first operation in 2017, LG Chem has obtained a total capacity of 1,700 MT. LG Chem’s new CNT 2nd Plant was constructed as the world’s largest single-line production facility with a self-developed fluidized bed reactor. The plant has achieved stable quality control by complete automation and reduced power consumption by 30% through process innovation. The CNT produced at this plant will be supplied to market-leading global electric vehicle battery companies as a conductive additive. Also, its applications will be extended to a wide range of fields such
Xsolla Introduces Safe and Secure Solution to Manage Worldwide Influencer Payouts for Developers of All Sizes19.4.2021 17:00:00 EEST | Press release
Xsolla, the video game commerce company powered by Transaction Engine and Business Engine to help developers and publishers market, sell, connect and optimize their games globally, today introduced its Influencer Payouts solution that allows developers to easily manage safe and secure payouts to influencers who promote their games. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210419005313/en/ Learn how Influencer Payouts can work for you. (Graphic: Business Wire) Xsolla’s new Influencer Payouts solution empowers developers from indie to enterprise-level with a convenient and efficient tool that can automate performance-based payments to content creators utilizing a tiered structure that can quickly be customized and scaled to reach influencers at all levels around the world. Developers can choose from multiple options for influencers, such as revenue sharing based on the number of views, direct sales, or the number of hour
VELO3D Adds Renowned Business Leader Stefan Krause to Board of Directors as Audit Committee Chair19.4.2021 16:04:00 EEST | Press release
VELO3D Inc., a leader in additive manufacturing (AM) for high-value metal parts, today announced the appointment of renowned business leader Stefan Krause to the company’s board of directors as audit committee chair. With more than 30 years of experience working at some of the most recognizable and successful companies in the world, Krause has built a singular career that previously included a chief financial officer (CFO) role at BMW – where he was the youngest ever to hold the position and a member of the management board. Krause then took on a similar role at Deutsche Bank, earning himself a reputation as one of the world’s top CFOs. He also previously served as chairman of Rolls Royce Motorcars, Postbank AG and BHF Bank. He has been in the supervisory boards of Rocket Internet and Allianz AG. Krause has also been involved with multiple startups during his career and has been CEO and co-founder of electric vehicle maker Canoo. “Stefan’s international business background, his experti
Amazon Becomes Europe’s Largest Corporate Buyer of Renewable Energy19.4.2021 16:00:00 EEST | Press release
Amazon (NASDAQ: AMZN) today announced nine new utility-scale wind and solar energy projects in the U.S., Canada, Spain, Sweden, and the UK. The company now has 206 renewable energy projects globally, including 71 utility-scale wind and solar projects and 135 solar rooftops on facilities and stores worldwide, which will generate 8.5 GW of electricity production capacity globally. With this latest announcement, Amazon is now the largest corporate purchaser of renewable energy in Europe, with more than 2.5 GW of renewable energy capacity, enough to power more than two million European homes a year. These projects supply renewable energy to Amazon’s corporate offices, fulfillment centers, Whole Foods Market stores, and Amazon Web Services (AWS) data centers, which power Amazon and millions of AWS customers globally. The renewable energy from these projects also helps Amazon meet its commitment to produce the clean energy equivalent to the electricity used by all consumer Echo devices. All
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom