CFOtech New Zealand logo
Technology news for Kiwi CFOs and financial decision-makers
Story image

Global rise in DevSecOps but role uncertainty persists - GitLab study

By Sara Barker
Mon 25 May 2020
FYI, this story is more than a year old

The line between development teams, security teams, and operations teams continues to blur into the culmination of DevOps and DevSecOps, according to those working in the industry.

Rising rates of DevOps adoption and tool choices are leading to job function changes, and organisation charts across development, security, and operations.

GitLab reports that DevOps practitioners are working with faster release times, continuous integration and deployment, and progress towards shifting test and security ‘left’, says GitLab CEO and cofounder Sid Sijbrandij.

“That said, there is still significant work to be done, particularly in the areas of testing and security. We look forward to seeing improvements in collaboration and testing across teams as they adjust to utilising new technologies and job roles become more fluid.”

The GitLab Global DevSecOps Survey explains that teams must understand how the role of the developer is changing, and how it affects security, operations, and test teams.

35% of developers say they define and/or create the infrastructure their app runs on, but only 14% monitor and respond to that infrastructure. This is traditionally a role held by operations. Additionally, more than 18% of developers instrument code for production monitoring, while 12% serve as an escalation point when there are incidents.

Furthermore, 83% of developers report being able to release code more quickly after adopting DevOps. continuous integration and continuous delivery (CI/CD) is also proven to help reduce time for building and deploying applications – 38% said their DevOps implementations include CI/CD. 

An additional 29% said their DevOps implementations include test automation, 16% said DevSecOps, and nearly 9% use multi-cloud.

Automated testing is on the rise, but only 12% claim to have full test automation. And, while 60% of companies report deploying multiple times a day, once a day or once every few days, over 42% say testing happens too late in the development lifecycle.

There is increasing uncertainty from both developers and security teams over who should take responsibility for security development.

More than 25% of developers reported feeling solely responsible for security, compared to testers (23%) and operations professionals (21%).

Additionally, 33% of security team members say that they ‘own’ security, while 29% say everyone should be responsible.

Despite questions of ownership, security teams continue to report that developers are not finding enough bugs at the earliest stages of development and are slow to prioritize fixing them – a finding consistent with last year’s survey. 

More than 42% of security respondents say that testing still happens too late in the life cycle, while 36% reported it was hard to understand, process, and fix any discovered vulnerabilities, and 31% found prioritising vulnerability remediation an uphill battle.

“Although there is an industry-wide push to shift left, our research shows that greater clarity is needed on how teams’ daily responsibilities are changing, because it impacts the entire organisation’s security proficiency,” comments GitLab vice president of security, Johnathan Hunt. 

“Security teams need to implement concrete processes for the adoption of new tools and deployments in order to increase development efficiency and security capabilities.”

GitLab surveyed more than 3,650 software professionals from 21 countries worldwide.

Related stories
Top stories
Story image
Commerce Commission
ComCom puts electronics sector on notice over resale price maintenance
The Commerce Commission has concluded an investigation into allegations that television manufacturers were engaging in illegal resale price maintenance.
Story image
Market growth
Salesforce unveils new offerings for consumer goods companies
Salesforce has announced new products for consumer goods companies to help brands navigate increasing market complexity more easily.
Story image
Government
Cyclone selected as NZ MOE software licensing partner
Following a recent Request for Proposal (RFP), Christchurch-based company Cyclone Computer Company Ltd (Cyclone) has been selected as The Ministry of Education’s software licensing partner.
Story image
Healthcare
Workday winning on culture and family focus
This family-first approach sees all employees receive access to family-wide private healthcare cover, as well as income protection and life insurance policies.
Story image
Artificial Intelligence
Finance is on a new footing to improve internal customer service
Finance functions and leaders have marked 2022 down as a year for process improvement, writes Servicely’s founder and CEO Dion Williams.
Story image
Axway
New financial accounting hub can manage 40 million events daily
The new Axway Financial Accounting Hub can manage 40 million events daily and halve costs and integration time for ERP Finance migration projects.
Story image
Cloud
Chatbots gaining momentum in customer service space
Chatbots are gaining momentum in the customer service space, but a human touch still unbeatable, according to a new study.
Story image
Banking
Banks, PSPs prioritising payment modernisation to compete
A new report gives payment providers a forward-looking view of the evolution of payments and investment drivers for modernisation.
Story image
Cloud
TradeWindow using Nintex platform amid global expansion
TradeWindow is using Nintex Promapp to support its recent expansion and to prepare for ambitious international growth.
Story image
Microsoft
Volpara, Microsoft project to detect cardiovascular issues
Volpara Health Technologies is working with Microsoft on a research and development project to speed up creating a product that detects and quantifies breast arterial calcifications (BACs).
Story image
Cloud
Dynatrace named Leader in Gartner’s 2022 Magic Quadrant
Gartner has named Dynatrace a Leader in the 2022 Magic Quadrant for Application Performance Monitoring (APM) and Observability.
Story image
Hybrid workforce
Why hybrid working is here to stay and how to ace it
Citrix's new report reveals hybrid workers are more productive and engaged at work than their office and completely remote counterparts.
Story image
Open XR
Juniper Networks, Sumitomo Electric, Arrcus join Open XR forum
Building a robust multi-vendor ecosystem is essential to enable network operators to achieve increased network capabilities provided by XR optics technology.
The Access Group
Increasing headcount isn't always the best way to grow. A good financial strategy can help solve many issues, and The Access Group shares the secret to success.
Link image
Story image
DNS
DigiCert acquires DNS Made Easy and affiliated brands
Greg Clark comments, says, "This combination enhances the security of certificate validation and enables the automation of future validations."
Story image
Dark web
Cybercrime in Aotearoa: How does New Zealand law define it?
‘Cybercrime’ is a term we hear all the time, but what exactly is it, and how does New Zealand define it in legal terms?
The Access Group
Health and social care organisations are currently under significant financial pressure. Find out how financial transformation can help provide an effective route forward.
Link image
Story image
Collaboration
IT and security team collaboration crucial to data security
Many IT and security decision makers are not collaborating as effectively as possible to address growing cyber threats.
Story image
Digital Transformation
Apptio adds portfolio enhancements to promote digital strategy
"While digitalisation creates opportunities, it also makes budgeting far more complex, leading many companies to waste substantial funds."
Story image
Artificial Intelligence
Salesforce harnesses automated solutions with new developments
Salesforce has launched Sales Cloud Unlimited, a new feature to help accelerate productivity with AI and automation.
Story image
Open source
DataStax secures US$115 million to fund database expansion
DataStax has secured US$115 million in funding, which it will use to develop and expand its Astra DB multi-cloud database and Astra Streaming service globally.
Story image
Cloud
Cisco launches AppDynamics Cloud for greater performance
Cisco has launched AppDynamics Cloud, enabling the delivery of better digital experiences by correlating telemetry data from across any cloud environment at scale.
Story image
Logitech
How technology can level the playing field in the hybrid era
As businesses across the globe continue to grapple with the aftershocks of the COVID-19 crisis, it’s become crystal clear that the hybrid work model is here to stay.
Story image
N4L
N4L, Spark, Chorus partner for Hyperfibre school upgrade
Networks for Learning (N4L) has partnered with Spark and Chorus to upgrade Wellington College to Hyperfibre, fostering stronger outcomes for students and teachers.
Story image
Cloud
Automation a point of difference for APJ enterprises - report
There has been a massive shift in which departments are using automation tools and creating those automations, according to Workato.
Story image
Orbital Insight
Orbital Insight solution set to drive better data-driven decisions
The company says the new Site Intelligence solution will provide granular visibility, behaviour analytics and deep insights about customers and competitors at any location. 
Story image
Robotic Process Automation / RPA
rapidMATION helps Coates achieve success with landmark RPA solution
A strong Robotic Process Automation solution (RPA) can help solve many complex issues that businesses face daily. 
Story image
API
Industry-first comprehensive risk-based API security enhances protection
Application Programming Interfaces (APIs) have become a crucial part of operating web and mobile application businesses and are causing significant economic growth in the digital sector.
Story image
Citrix
The best ways to attract young talent during labour shortages
New research from Citrix reveals hybrid working and ventures into the metaverse are top of mind for Gen Z workers.
Story image
Shouta
The rise of digital gifting in the workplace
The name itself does most of the explaining; it’s a gift you receive virtually. But a misconception about digital gifts is that they need to be redeemed virtually as well. 
Story image
Unified Communications
Video: 10 Minute IT Jams - An update from Access4
Access4 are specialists in the unified communications sector, and Peter Eldon joins us today to discuss how UCaaS can play a vital role in business development.
Story image
Cybersecurity
Why is NZ lagging behind the world in cybersecurity?
A recent report by TUANZ has revealed that we are ranked 56th in the world when it comes to cybersecurity - a look into why we're so behind and what needs to be done.
Story image
Cloud
Cloudflare outage in 19 data centers worldwide due to own error
Cloudflare says its outage for 19 of its data centers yesterday was because of a change in a long-running project to increase resilience in its busiest locations.
Story image
Infrastructure
SolarWinds IT Trends Report highlights increased cloud complexity for businesses
SolarWinds' new IT Trends report has signalled a significant shift in the way businesses are dealing with hybrid cloud and infrastructure.
Story image
Robotic Process Automation / RPA
Study shows prioritising IA can deliver better operational outcomes
A new Everest Group Pinnacle Model study, supported by SS&C Blue Prism, has found that businesses that use and develop solid automated practices tend to see better operational outcomes.
The Access Group
Struggling to understand which transformative technologies will help your business? The Access Group provides a look into key opportunities and impacts for finance.
Link image
Story image
Manhattan Associates
New late-stage order cancellation to improve customer service
Manhattan Associates launches new service allowing orders to be cancelled up to the point of manifested/loaded status, preventing unwanted shipments and costly returns.
Story image
Remote Working
Globalization Partners to improve global talent hire
Globalization Partners says the global availability of its services will make it fast and simple for companies to hire and pay anyone, anywhere in the world.
Story image
Digital Transformation
Govt IT spending on the rise, driven by XaaS - Gartner
Worldwide government IT spending is forecast to total $565.7 billion in 2022, an increase of 5% from 2021, according to Gartner.
Story image
Employment
Majority of APAC CFOs concerned about rising wages
"In challenging times, CFOs look to determine how they can do things differently and as a result, new ideas about future growth emerge."
Story image
Entelar
How TruSens air purifiers can create healthier workspaces
The pandemic has heightened our awareness of our own and others’ health, and made us all much more conscious of the environments we work in.
Story image
PagerDuty
Ready for anything with the PagerDuty Operations Cloud
In a world of digital everything, teams face increasing complexity. Ever-growing dependencies across systems and processes put customer and employee experience, not to mention revenue, at risk.
Story image
eInvoicing
Airwallex, Xero extend partnership with easier invoice payments
Airwallex has extended its long-term partnership with Xero by releasing a new payment link integration for Xero invoices that will make receiving them easier and faster for Australian businesses.
Story image
Testing
Video: 10 Minute IT Jams - An update from Tricentis
Tricentis provides software testing automation, and software quality assurance products for enterprise software.