On TTPs: the convergence of observability and security.

Dynatrace has published a study looking at the challenges of maintaining security during DevOps processes.

Security versus innovation.

The survey of 1,300 CIOs and senior DevOps managers found that over a third (34%) of respondents are forced to sacrifice code security to keep up with the demand for faster innovation. The report outlines the following findings:

• “90% of organizations say digital transformation has accelerated in the past 12 months.
• “78% of organizations deploy software updates into production every 12 hours or less, and 54% say they do so at least once every two hours.
• “DevOps teams spend nearly a third (31%) of their time on manual tasks involving detecting code quality issues and vulnerabilities, reducing the time spent on innovation.
• “55% of organizations make tradeoffs between quality, security, and user experience to meet the need for rapid transformation.
• “88% of CIOs say the convergence of observability and security practices will be critical to building a DevSecOps culture, and 90% say increasing the use of AIOps will be key to scaling up these practices.”

Bernd Greifeneder, founder and Chief Technology Officer at Dynatrace, stated, “Teams can’t afford to waste time and effort chasing false positives, searching for vulnerabilities whenever a new threat alert appears, or conducting forensics to understand whether data has been compromised. They need to work together to drive faster, more secure innovation. Automation and modern delivery practices such as DevSecOps are key to this, but teams need to trust that their AI is reaching the right conclusions about the impact of a particular vulnerability.”