webAI and MacStadium(link is external) announced a strategic partnership that will revolutionize the deployment of large-scale artificial intelligence models using Apple's cutting-edge silicon technology.
Enterprises Sacrifice Cybersecurity for Speed
Major SecOps Reality Gap: 85% of Companies Say Practicing SecOps is a Goal While 35% Actually Do
March 15, 2018
More than half of companies (52%) admit to cutting back on security measures to meet a business deadline or objective, according to a SecOps research report released by Threat Stack.
As further evidence that companies are sacrificing security for speed, Threat Stack found that 68% of companies say their CEO demands that DevOps and security teams not do anything that slows the business down. But that pressure doesn’t just come from the corner office, as 62% of companies also admit that their operations team pushes back when asked to deploy security technology.
“Businesses have grappled with the ‘Speed or Security’ problem for years, but the emergence of SecOps practices really means that companies can achieve both,” said Brian M. Ahern, Threat Stack Chairman and CEO. “The survey findings show that the vast majority of companies are bought-in, but unfortunately, a major gap exists between the intent of practicing SecOps and the reality of their fast-growing businesses. It’s important that stakeholders across every enterprise prioritize the alignment of DevOps and security.”
The SecOps Reality Gap
The purpose and intent of SecOps is to build towards distributing security decisions at speed and scale to those who hold the highest level of context without sacrificing the required controls. Survey respondents demonstrated a clear understanding of the importance of SecOps to the overall success of their business, with 85% saying that SecOps is a goal for their organization.
Despite clear intent to implement SecOps, only 35% of respondents say SecOps is completely or mostly an established practice at their organizations, while only 18% say it’s not established at all. These numbers dwindle according to specific job roles: 25% of security professionals believe that SecOps is an established practice at their companies, while only 10% of DevOps professionals agreed.
DevOps and Security Teams Operating in Silos
To help understand the obstacles to implementing SecOps, Threat Stack’s research found that challenges are primarily centered on organizational alignment as DevOps and security teams are not routinely integrated.
■ 44% of developers are not trained in secure coding, and 42% of operations staff are not trained in basic security practices.
■ Only 40% of respondents agree that DevOps are always incorporated into security processes.
■ A security specialist is a part of only 27% of Ops teams and 18% of Dev teams.
■ When respondents were asked whether they have the ability to fix a security-related issue themselves, 44% of DevOps respondents said they rely on someone else vs. 35% of security respondents.
■ 41% of DevOps professionals rated their organizations’ ability to detect and remediate security incidents as “average” vs. 35% of security professionals.
The Cloud Security Consequences
The speed of today’s business is driving companies to capitalize on the business benefits of cloud infrastructure and automation in order to compete. Threat Stack’s survey showed that the lack of SecOps adoption impacts the security of this infrastructure, given that more than half of the participating professionals rated the security of their organizations’ cloud infrastructure and environment as average or worse.
Industry News
March 27, 2025
March 27, 2025
Development work on the Linux kernel — the core software that underpins the open source Linux operating system — has a new infrastructure partner in Akamai. The company's cloud computing service and content delivery network (CDN) will support kernel.org, the main distribution system for Linux kernel source code and the primary coordination vehicle for its global developer network.
March 27, 2025
Komodor announced a new approach to full-cycle drift management for Kubernetes, with new capabilities to automate the detection, investigation, and remediation of configuration drift—the gradual divergence of Kubernetes clusters from their intended state—helping organizations enforce consistency across large-scale, multi-cluster environments.
March 26, 2025
Red Hat announced the latest updates to Red Hat AI, its portfolio of products and services designed to help accelerate the development and deployment of AI solutions across the hybrid cloud.
March 26, 2025
CloudCasa by Catalogic announced the availability of the latest version of its CloudCasa software.
March 26, 2025
BrowserStack announced the launch of Private Devices, expanding its enterprise portfolio to address the specialized testing needs of organizations with stringent security requirements.
March 25, 2025
Chainguard announced Chainguard Libraries, a catalog of guarded language libraries for Java built securely from source on SLSA L2 infrastructure.
March 25, 2025
Cloudelligent attained Amazon Web Services (AWS) DevOps Competency status.
March 25, 2025
Platform9 formally launched the Platform9 Partner Program.
March 24, 2025
Cosmonic announced the launch of Cosmonic Control, a control plane for managing distributed applications across any cloud, any Kubernetes, any edge, or on premise and self-hosted deployment.
March 20, 2025
Oracle announced the general availability of Oracle Exadata Database Service on Exascale Infrastructure on Oracle Database@Azure(link sends e-mail).
March 20, 2025
Perforce Software announced its acquisition of Snowtrack.
March 19, 2025
Mirantis and Gcore announced an agreement to facilitate the deployment of artificial intelligence (AI) workloads.
March 19, 2025
Amplitude announced the rollout of Session Replay Everywhere.
March 18, 2025
Oracle announced the availability of Java 24, the latest version of the programming language and development platform. Java 24 (Oracle JDK 24) delivers thousands of improvements to help developers maximize productivity and drive innovation. In addition, enhancements to the platform's performance, stability, and security help organizations accelerate their business growth ...
