DevSecOps is…
A set of tools and processes
26%
A cultural shift to promote shared ownership of security outcomes
64%
A bias towards cross-functional team engagement
10%
I think DevSecOps is primarily focused on
The SDLC pipeline
32%
Operational concerns
22%
Governance/Risk/Compliance
45%
What is the most critical aspect of “DevSecOps”
“Shifting left” and making everyone responsible for security
47%
“Breaking down silos” between groups
17%
Building agility and resilience into shared processes
33%
Other
2%
Where are you on the DevSecOps Journey
What is DevSecOps? (we’re not there yet)
33%
All of our teams do DevSecOps. Some do Dev. Some do Sec. Others do Ops. But none of them talk.
18%
We have a centralized group that guides teams through the journey
24%
We have self-sustaining DevSecOps team and culture
16%
Other
9%