DevSecOps serves as the next iteration of DevOps, addressing the last bottleneck by integrating security practices at every phase and embracing “continuous” principles.
COVID-19 has accelerated transformation efforts. Our survey shows healthy spending & more modernization initiatives at hand. We also see a trend of developers gaining greater budget authority, in part driven by new security workflows. Many public & private companies are well positioned to capitalize.
This Ahead of the Curve® Report addresses the following topics:
THE DEVSECOPS EVOLUTION
Companies have leveraged DevOps methodologies to shorten their software innovation cycles and ship more code to production in order to accelerate digital initiatives. With that, more vulnerabilities have been exposed and security concerns are on the rise.
Historically, even if companies adopted new DevOps practices, security teams often still existed in silos and did not embrace “continuous” methodologies. With security becoming an increasing priority, bringing it into the automation fold is rising. DevSecOps is the natural stepping-stone in the digital transformation journey. In fact, 71% of respondents in our survey indicate they are embracing “shift left” initiatives.
DEVELOPERS ARE TAKING ON MORE SECURITY & BUDGET AUTHORITY
Several factors are driving more security responsibility to developers, including
1. Developers using more open-source in their software builds, introducing more vulnerabilities during the coding phase.
2. ~9x more developers than security pros. If companies want to ensure more protection as they increase the velocity of code releases, developers need to take on more responsibility.
In addition, Kubernetes & containers are easing application configuration requirements and giving developers more innovation power. These trends are driving greater budget authority to developers. In line with this, we are seeing more DevOps vendors add security & other automation capabilities to their portfolios.
SPENDING CONDITIONS ARE HEALTHY
According to our survey, DevSecOps budgets have held up relatively well this year, up ~8% vs. Gartner’s forecast of -2.5% in total software spend. This implies DevSecOps is a high budget priority, with a ~10%+ market growth outlook in 2021. And based on our findings,we estimate a $14.4B TAM (2021). ITSM, CI/CD & Security are the top 3 areas of priority post COVID-19.