Research Reveals Global Growth of Secure DevOps
New research from Secure Code Warrior®, the global secure coding company, has revealed an attitudinal shift in the software development industry, with organisations bucking traditional practices for DevOps and Secure DevOps.
The global survey of professional developers and their managers found seven in 10 organisations (70%) recognise the importance of secure coding practices, with results indicating an industry-wide shift from reaction to prevention is underway.
Dr. Matias Madou, Chief Technology Officer and Co-Founder at Secure Code Warrior, said, “We are seeing a fundamental shift in mindsets across the world, as the industry slowly moves from reactive, band-aid solutions rolled out after a breach, to the proactive and human-led practice of writing quality software that is intrinsically free from vulnerabilities right from the very first keystroke.”
“This research shows that ‘secure code’ is becoming synonymous with ‘quality code’ within software development, and security is becoming the responsibility of development teams and leaders—not just AppSec professionals,” he said.
Secure coding seen as ‘reactive’
Reactive practices like using tools on deployed applications and manually reviewing code for vulnerabilities were the top two practices respondents associated with coding securely. However, a proactive shift in mindset was evidenced across the globe, with more than half (55%) of the developers surveyed also recognising secure coding as the active, ongoing practice of writing software protected from vulnerabilities.
Managers and developers are misaligned
Over half (55%) of managers surveyed said secure coding was practised and integrated throughout the entire development process, compared to only 43% of developers. Conversely, 36% of developers consider secure coding during development but not the design phase, as opposed to under one-third (32%) of managers.
Secure code an increasing indicator of success
While those surveyed identified ‘application performance’ and ‘functionality and features’ as the most common success metrics within software development (67% and 62% respectively), almost four in five (79%) respondents said the importance of ‘secure code’ was growing in prominence.
Application security is shifting
Almost half of respondents (46%) said development leads and teams should be responsible for application security rather than AppSec teams (24%). Over eight in 10 (81%) developers surveyed said they were accountable for any vulnerable code produced.
Developers motivated to upskill
‘Increased productivity and efficiency’, ‘curiosity’ and ‘avoiding problems caused by insecure code’ were identified as the leading intrinsic motivators to learn secure coding (20%, 14% and 11% respectively). Despite only 10% of respondents listing career advancement as a personal motivator, four in five (81%) managers were more likely to hire talent with secure coding skills.
More training is needed
91% of managers surveyed said they faced greater than average difficulty when implementing secure coding practices within their organisation, despite the overwhelming majority of respondents (97%) believing they were sufficiently trained. Perhaps, this is because almost nine in 10 (88%) developers surveyed said coding securely was challenging.
Madou added, “With OWASP’s Top 10 software vulnerabilities causing more security breaches over the past two decades than any others, now is the time for businesses to upskill developers to gain the knowledge and skills needed to stamp out insecure code and prevent issues from occurring in the first place.”
“Code is at the heart of everyday interactions, and Secure Code Warrior is focused on championing security-skilled developers who can create amazing, safe software for our connected world.”
To gain early access to the report, ‘Shifting from reaction to prevention: The changing face of application security 2021’, register your interest at scw.buzz/earlyaccess
Secure Code Warrior® commissioned Evans Data Corporation, the market intelligence leader within the IT industry, to conduct a global survey of developers and decision-makers actively engaged in software development. In August 2020, 400 respondents were surveyed across North America, India, the United Kingdom, Europe, Australia, New Zealand and South-East Asia.
About Secure Code Warrior
Secure Code Warrior is the developer-chosen solution for growing powerful secure coding skills. By making secure coding a positive and engaging experience for developers as they increase their software security skills, our human-led approach uncovers the secure developer inside every coder, helping development teams ship quality code faster.
Through inspiring a global community of security-conscious developers to embrace a preventative secure coding approach, our mission is to pioneer a people-first solution to security upskilling, stamping out poor coding patterns for good. Learn more at securecodewarrior.com.
For media enquiries, to access the full report or arrange an interview:
Carly Ryan, Hotwire
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
BridgeTower Capital Launches Security Token Pre-Offering and Announces Global Expansion With Key Partners15.4.2021 18:00:00 CEST | Press release
BridgeTower Capital, a tokenized global private equity firm, has launched a private Security Token Pre-Offering (STO) culminating 12 months of work to purposefully assemble a team of world-class partners to participate in the blockchain infrastructure and services marketplace in the rapidly growing world of decentralized finance (DeFi). BridgeTower also announced it has formed a Zurich-based entity to further expand its current offering of blockchain infrastructure products and services. BridgeTower launched its Private -STO campaign earlier this week, which provides an opportunity for accredited investors to purchase shares in the company in the form of a digital security. BridgeTower has received active participation already and is seeking to raise $200 million in this initial raise. “We are seeing a global confluence of public and private digital finance markets being fueled by the adoption of blockchain technologies. This is creating unique opportunities for those who can assemble
Cryptology Asset Group p.l.c. successfully completes a share capital increase and sale of treasury shares and reviews options for financing further growth15.4.2021 16:49:00 CEST | Press release
Cryptology Asset Group p.l.c. (ISIN: MT0001770107; Ticker: CAP), a leading European investment company for blockchain- and crypto-related business models, has successfully completed its cash capital increase by issuing 128,375 new shares and the additional sale of the entire amount of 31,625 treasury shares to institutional investors. At a fixed price of EUR 200.00 per share each, the Company will receive total gross proceeds of EUR 32.0 million, which will be used to invest in new portfolio companies from the Cryptology pipeline. The Company is also exploring the possible acquisition of crypto assets, such as Bitcoin, as part of its treasury management strategy. To finance further growth, Cryptology is also currently reviewing various options to raise additional capital, such as through the issuance of a convertible or a straight bond. ICF BANK AG has been commissioned to conduct a market review. Management will make the final financing decision based on investor feedback and the prev
Cryptology Asset Group p.l.c. resolves a cash capital increase and sale of treasury shares15.4.2021 16:45:00 CEST | Press release
The Board of Directors of Cryptology Asset Group p.l.c. (ISIN: MT0001770107; Ticker: CAP) today resolved to increase the share capital of the Company by 128,375 new shares and to sell 31,625 treasury shares which is the entire position Cryptology holds of own shares after the buyback done over the last months. Shareholders' subscription rights to the new shares and the treasury shares are excluded. The Company has entered into binding subscription agreements for the entire amount of in total 160,000 shares with several institutional investors. Closing of the transaction is expected for end of April 2021. The capital increase will be carried out in cash contributions and by partially utilizing the existing authorized capital. The share capital of the Company is to be increased from EUR 2,732,500 to EUR 2,860,875 by issuing 128,375 new bearer shares of the Company ("New Shares"). The New Shares will be issued with a pro rata amount of capital stock of EUR 1.00 per share and with full div
A Digital Transformation: Mary Kay Inc. Launches Immersive Virtual Experience Platform Suite 13 TM15.4.2021 15:03:00 CEST | Press release
Global beauty brand Mary Kay Inc. and its Mary Kay Global Design Studio present Suite 13TM, an innovative virtual beauty experience that leverages the use of virtual reality to digitize Mary Kay's first virtual pop-up showroom. Designed with the latest virtual reality technology, the new Suite 13TM offers Mary Kay Independent Beauty Consultants and their customers a 360-degree, 3D beauty experience where users can virtually browse the beauty brand’s portfolio of skin care as well as explore the company and its founder Mary Kay Ash’s history. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210415005306/en/ The new Suite 13™ offers Mary Kay Independent Beauty Consultants and their customers a 360-degree, 3D beauty experience. (Photo: Mary Kay Inc.) The new Suite 13TM invites users to tour through virtual “rooms”. Upon entering the “Lobby”, users can learn about the Company’s global legacy. The other virtual rooms include the “P
Conviva Works With ServiceNow to Provide Next Generation Customer Service for Streaming Customers15.4.2021 15:00:00 CEST | Press release
Conviva, the intelligence cloud for streaming media, today announced that its streaming insights data will be integrated with ServiceNow telecom and media industry solutions. This new integration will enable streaming providers to offer more reliable streaming services and personalized customer care experiences to drive user acquisition, reduce operational costs and increase customer lifetime value. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210415005156/en/ Conviva and ServiceNow Provide Next Generation Customer Service For Streaming Customers (Graphic: Business Wire) Conviva’s integration with ServiceNow extends ServiceNow’s offerings within the telecom and media industry and will help streaming customers to automate proactive case creation and ticket generation to identify and diagnose incidents across the entire video delivery supply chain. Adding this additional layer of automation to root cause analysis delivers im
Thales IoT SAFE to Secure Cloud Connectivity for New Internet of Things Services in Canada15.4.2021 15:00:00 CEST | Press release
Thales technology is at the heart of a new Canadian IoT project that is enabling instant, secure and scalable cloud connectivity for SIM/eSIM-enabled IoT. Working alongside TELUS, a leading Canadian wireless network operator, and the Canadian Internet Registration Authority (CIRA), the project’s certification partner, Thales is supplying SIMs and the IoT server, both compliant with the GSMA IoT SAFE specifications. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210415005017/en/ (Photo: Thales) The Thales IoT SAFE service offers an interoperable framework enabling swift deployment of IoT applications. Delivered in a plug & play SaaS mode, it benefits minimal integration effort. It creates a scalable and automatic environment for cloud data security of SIM-equipped devices with a remote management feature. TELUS continues its IoT expansion with devices across Canada, offering enterprises an innovative system that eliminates th
First Patient Enrolled in PROTECT IV Randomized Controlled Trial of Impella15.4.2021 14:03:00 CEST | Press release
Abiomed (NASDAQ:ABMD) announced today that the first patient has been enrolled in PROTECT IV, a large, prospective, multi-center randomized controlled trial (RCT) that is designed to provide the level of clinical evidence needed to achieve a Class I guideline recommendation for Impella in high-risk percutaneous coronary intervention (HRPCI). The first patient was enrolled at Ascension St. John Hospital in Detroit by Dr. Ted Schreiber, chief of cardiology at Ascension St. John Macomb-Oakland Hospital and Dr. Amir Kaki, interventional cardiologist and director of mechanical circulatory support at Ascension St. John Hospital. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20210415005234/en/ Impella Clinical Pathway to Class I Guideline (Graphic: Business Wire) The two-arm trial will compare the benefits of HRPCI with Impella versus HRPCI without Impella support. The primary endpoint of the study is the composite of all-cause deat
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom