DevSecOps is struggling with a low adoption rate, yet those who have implemented the process praise its impact — notably in incident detection efforts and incident response and remediation times, according to a new report from observability platform provider Mezmo and Enterprise Strategy Group (ESG).
Mezmo and ESG’s “Leveraging Observability Data for DevSecOps” report found that of the 200 DevOps and IT/information security professionals surveyed, only 22% of the organizations they represent have developed a formal DevSecOps strategy. However, the study notes that there is a potential for growth in DevSecOps adoption, and 62% of respondents’ organizations are actively evaluating use cases or have plans to implement DevSecOps.
DevSecOps crusaders have reaped its benefits — 95% of respondents who have developed a DevSecOps strategy in integrating security into software development lifecycle processes reported a positive impact on accelerated incident detection, and 96% said this impact in response efforts as well.
Overall, more than half of respondent organizations using DevSecOps tools and processes had a significant reduction in incidents that occur in production, according to the report.
Still, more companies are prioritizing establishing a culture of collaboration and encouraging developers to leverage security best practices over adopting DevSecOps tools.