2022 DevSecOps Survey - Security is the top concern

With rising concerns about supply chain attacks, secure software development is an imperative for DevSecOps teams around the world. In the GitLabs' 2022 Global DevSecOps Survey over 5,000 US DevOps professionals shared details about their teams and practices.

DevOps and DecSecOps teams focus on many areas: from deployment velocity to automation, as well as release speed and adoption of new technologies. The report also identified toolchain sprawl as a major concern, with developers spending increasing amounts of time managing complex toolchains.

Investing in a single platform allows practitioners to take advantage of more features with fewer tools – and fewer a la carte expenses.

Among the key highlights of the report is that security is both a top challenge and top area of investment for DevOps teams. According to survey data, static application security testing (SAST) and dynamic application security testing (DAST) tools have seen a huge uptick in usage since last year. However, only 10% of survey respondents report receiving additional budget for security in 2022. There's a disconnect between what the goals for security are and what the budget is, so security teams should get the support they need from leaders in the form of monetary investment.

There is still a significant gap in the identification of security issues, with half (50%) of security professionals reporting that developers are missing security issues.

An ongoing focus is on speed, security, and compliance, although the trend toward speedy software releases is mainly restricted to the private sector. The survey found that the speed of software delivery within the public sector stalled from the previous year, with 59% of government respondents reporting the same rate of delivery or slower than 2021.