Security Professionals Express Frustration with Deployment Process, Warn of Increased Risks in New Waratek Survey
83 percent of security professionals polled say the increase in rate of deployment has led to an increase in previously remediated vulnerabilities being reintroduced
DUBLIN and CHICAGO, July 19, 2022 /PRNewswire/ -- Waratek, the Security-as-Code industry pioneer empowering security teams to scale with the speed of modern software development, announced today the results of the company's "What Security Professionals Really Think About DevOps" survey. The survey set out to uncover a greater understanding of what challenges security teams on the front lines face. The respondents largely agreed that the increased rate of software deployments has introduced a serious challenge to security teams, leading to burnout and higher security risks.
"The survey paints a picture of a very frustrated security industry," said Doug Ennis, CEO of Waratek. "The never-ending deployment treadmill has security teams feeling like they are moving fast but going nowhere. As software grows in complexity and release cycles continue to accelerate, previously fixed vulnerabilities are being reintroduced at an alarming rate, making it increasingly difficult to simply even maintain an existing security posture. Manual security processes in the DevOps process, even introduced earlier, just aren't a sustainable way to address the ever-growing threat landscape."
Key takeaways from the report include:
- Nearly 83 percent of security professionals say that the increase in rate of deployment led to an increase in previously remediated vulnerabilities being reintroduced.
- 61 percent of teams have to delay critical security work, even when security is "shifted left" in the DevOps process.
- Tooling is designed to save time, yet almost a third of security professionals spend nearly a third of their week investigating scanner results.
- More than 50 percent of security professionals say they spend days or weeks per year investigating false positives.
"What we found very interesting is that even though security teams are implementing manual security activities earlier in the DevOps process, it's just relocating existing pain," said Ennis. "It's clear that the time is ripe for a Security-as-Code platform that automates the desired security behavior within every deployment, release after release. Companies shouldn't have to choose between staying competitive or staying protected. By providing security teams the template to immutably tell their applications what behavior they want to secure and what they expect, both security and development teams can focus on just doing their jobs."
"Utilizing security as code enables organizations to scale with modern software development by codifying security and policy into development processes and workflows," explained Melinda Marks, Senior Analyst, ESG.
The full report from Waratek can be downloaded here.
ABOUT WARATEK
Waratek is the Security-as-Code industry pioneer empowering security teams to seamlessly scale with the speed of modern software development. Companies shouldn't have to choose between staying competitive or staying protected. Headquartered in Chicago, IL, and Dublin, Ireland, Waratek's multiple-award-winning solution is trusted by some of the world's most recognizable brands including IBM, Google, Amazon, Microsoft, and more. The company has been recognized and awarded for its innovation in security deployment by CRN, CDM, Gartner Group, RSA, FinTech Innovation Lab, Computer Technology Review, and Government Computer News. For more information visit www.waratek.com or connect with us on LinkedIn, Twitter, or YouTube.
Media Contact:
Kira Perdue
Carabiner Communications
404.556.0062
[email protected]
SOURCE Waratek
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
Newsrooms &
Influencers
Digital Media
Outlets
Journalists
Opted In
Share this article