A new survey conducted by Hewlett Packard Enterprise (HPE) reveals a discrepancy in enterprise application development processes. Among those surveyed, 99 percent said that adopting DevOps and other Agile software development methodologies would help make their applications more secure. However, only 20 percent said they were incorporating security testing into their processes.
“There is a notion in the industry that DevOps produces more secure code, but the problem is that DevOps in and of itself does not produce more secure code,” said Maria Bledsoe, director of product strategy for HPE Security. “It gives the opportunity to produce more secure code.”
The report also found rampant disagreement on the definition of DevOps. Among those companies that said they had not adopted DevOps approaches, 30 percent were actually using some DevOps practices like integrated teams, automated testing, frequent deployment and continuous integration.