As organizations adopt modern software development processes, developers are empowered to quickly develop and release their applications by deploying them to the cloud. Security teams are challenged keeping up with the growth and speed of continuous integration/continuous deployment (CI/CD) cycles and their dynamic components.
While the industry has been talking about shifting security left to help security scale with rapid development, organizations have faced challenges putting that into practice. Most cloud-native security incidents are caused by misconfigurations, putting pressure on security teams to find ways to incorporate security into development so coding issues are caught and fixed before deployment. Organizations also need to focus on better ways to work with developers for rapid remediation of any detected security issues.
In order to gain insights into these trends, ESG surveyed 350 IT (30%) and cybersecurity (40%) decision makers, as well as application developers (30%), responsible for evaluating, purchasing, and utilizing developer-focused security products at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada).