Most organisations agree that current DevSecOps techniques need to be improved to ensure effective vulnerability management. A recent report conducted by Dynatrace surveyed over 1,300 Chief Information Security Officers (CISOs) in large organizations globally and revealed that 75% believe it is easier for vulnerabilities to penetrate production environments due to siloed teams, the complexity of multi-cloud environments, and persistent manual processes.
This problem is set to become even worse if DevSecOps strategies are not effectively improved, with 81% of CISOs expecting to see a greater rise in vulnerability exploits. Shockingly, only 12% of organisations actually have a mature DevSecOps culture. The survey found that the biggest success factor for effective DevSecOps is the integration of AI and automation, with 86% of CISOs believing it is critical.
Vulnerability management can become a huge drain on resources, with 28% of DevSecOps team members spending much of their time on tasks that could be automated, costing them up to 11 hours per week. Another major problem highlighted in the study is patching, with 76% of CISOs concerned about the time it takes between discovering an attack and patching all endpoints.
Bernd Greifeneder, Chief Technology Officer at Dynatrace, believes that businesses should integrate solutions that combine observability and security data with AI and intelligent automation to improve their DevSecOps efforts.
Dynatrace is a software company specialising in Artificial Intelligence (AI)-powered, full-stack, automated observability solutions. The company is based in Austria and has 175 offices across the world. Bernd Greifeneder is a highly experienced computer scientist with a background in natural-language processing, deep learning and virtual reality. He has been the CTO at Dynatrace since April 2018.