Application Security at the Speed of DevOps

Created: October 26, 2017
Updated: March 20, 2020

Download the PDF to keep learning offline

The movement towards a rapid application delivery strategy and away from a traditional waterfall approach to software development is driven by the need to more effectively meet current consumer needs and market opportunities, specifically by making small changes quickly rather than making a large number of changes on a release schedule. However, pre-existing application security strategies must be adapted to meet this new approach.

Key observations include:

  1. The traditional waterfall approach, despite focusing primarily on schedule, maintains significant schedule risk.

  2. Reducing security-related risks was found to be a modest driver for investment in rapid application delivery initiatives (19%) in comparison to increasing developer productivity (32%) and increasing the leverage of virtualized infrastructure and cloud services (27%).

  3. Research shows that attacks on web applications have been 7 times more effective than all other attacks on confirmed data breaches.

  4. Aberdeen found that 45% of respondents currently do security threat modeling, while 27% report they plan to do so within the next year.

Click the research report above to read in your web browser, or download as a PDF.

most recent articles

Back to Home