Security Takeaways from GitLabs 2022 DevSecOps Survey

GitLab Security Survey

GitLab 2022 Survey, What is and Why it Matters

GitLab is a software development platform that is open-source and free to use. It is an excellent choice for large-scale DevOps and DevSecOps projects. GitLab is a frontrunner in the industry, and every year publishes its Global DevSecOps Survey,  which identifies future trends and challenges in the DevOps and DevSecOps fields.

Over 5000 DevOps and DevSecOps practitioners participated in the poll that GitLab conducted. They were given a variety of questions relevant to the sector, some of which were, “What do you see as the most important investment priority for 2022?” and “What is the most important advantage of utilizing a DevOps platform?” After collecting and analyzing the responses, the DevOps and DevSecOps community, as well as business executives, can now gain insight into the perspective trends and leverage the information obtained by GitLab’s survey to assist their teams in their day-to-day activities while also staying abreast of the progression of the industry as a whole.

Source: The GitLab 2022 DevSecOps Survey

Key Results and Findings

The survey yielded a wealth of information, and GitLab divided the results into four categories: DevSecOps survey top findings, development top findings, security top findings, and operations top findings:

DevSecOps Survey Top Findings

The top results of the DevSecOps survey revealed a number of important discoveries, such as the fact that 69% of respondents said they had too many tools and wanted to combine their toolchains because monitoring, deployment, and development took too long. Another intriguing discovery was that over 70% of respondents stated that they were required to deploy code multiple times a day. This figure is 11% higher than it was in 2021.

Devops Security

Source: The GitLab 2022 DevSecOps Survey

Development Top Findings

The utilization of a DevOps platform was the primary factor that led to the dramatic acceleration of release times, which was one of the most significant discoveries from the creation of the top findings. Also, developers acknowledged challenges such as Covid-19, recruitment, security threats, cultural transformations, and steep learning curves in technology have made their work more challenging than it has ever been. In addition, the activities of planning, code review, and automated testing are, in no particular order, the top three things that software engineers would want to spend more time doing.

Security Top Findings

A substantial majority of security professionals (71%) gave their organization’s security efforts a rating of “good” or “excellent” for the second year in a row, indicating that this trend will likely continue. This evaluation was almost exactly the same as the one done the year before, and it unquestionably indicates the growing emphasis on security. In addition, security professionals are becoming more involved in day-to-day activities and are conducting more “hands-on” work with members of the development and operations teams. Additionally, shift left continues growing, which results in more teams doing more scans. Lastly, the percentage of people who feel “somewhat” or “extremely” unprepared for the future has never been higher than it is now. 43% of those who participated in the survey gave this response.

Organization Security

Source: The GitLab 2022 DevSecOps Survey

Operations Top Findings

Operations today involve a greater variety of roles and duties than they ever have before, including platform engineer, DevOps coach, and cloud administrator, to name just a few examples. A further important result was that more than one-third of individuals who work in operations have said that the excessive quantity of data they need to sift through makes it difficult to identify and obtain the information they require when trying to solve a problem or resolve an incident. Last but not least, there has been a significant increase in automation. Both the percentage of operations teams that are fully automated and the percentage that is “largely” automated have seen significant increases since 2021.

Closer Look at Security

The outcomes, as well as the ongoing trend, have consistently focused on security and automation. This can be seen across everything. The demands placed on DevSecOps and Developers to produce and develop at a faster rate are only expected to increase. Teams have a greater responsibility than ever before to make use of secure coding platforms and automated scanning tools in order to guarantee the safety of the code they publish and continue to update. The only way for developers to keep up with the frequency of releases that they are now being asked to deliver is by prioritizing security and integrating it very early in the development lifecycle. In other words, application security is no longer a luxury but rather a necessity.

Increase Security Scanning

Source: The GitLab 2022 DevSecOps Survey


In conclusion, the results of GitLab’s 2022 poll offer some extremely intriguing insights into the future of DevOps and DevSecOps in 2023. The fact that demand will continue to climb for quicker code deployment should not come as a surprise to anyone. Because of this rising demand, there is a continuing rise in the level of worry around security. It stands to reason that teams will have less time to devote to performing code reviews the more work is deployed. This, in turn, creates the demand for additional automation and safe coding platforms, which enable firms and developers to address the growing number of security challenges. All in all, GitLab’s 2022 Global DevSecOps Survey is a must-read for anyone in the industry. You can check it out in detail, focusing on the security section, directly on their web:

The post Security Takeaways from GitLabs 2022 DevSecOps Survey appeared first on GuardRails.

*** This is a Security Bloggers Network syndicated blog from GuardRails authored by GuardRails. Read the original post at: