The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of Dapr.
IT Professionals Spend Up to a Third of Their Time Chasing Vulnerabilities
March 14, 2024
While security is a top priority for developers, they are facing an uphill battle when it comes to time spent chasing vulnerabilities, the available scanning tools and alignment with security teams, according to the Developer Survey Report from Qwiet AI.
The online survey of 1,021 US IT professionals* conducted by market research firm Propeller Insights found developers are frustrated by the state of current security tools, citing incumbent tools are too noisy, time intensive and increasing tech debt at a time when development teams are overworked.
These challenges point to an internal disconnect, and despite 69% of IT professionals indicating that application security is a top priority for their organization, a staggering 27% said their goals are misaligned with their security team.
"It's clear that developers are overwhelmed by the noise produced by incumbent security tools," said Stuart McClure, CEO, Qwiet AI. "We're seeing developers spend a third of their day fixing bugs and vulnerabilities instead of writing code. For IT teams to be successful, we need to empower software application developers with the right tools that help them stay in a highly productive 'flow' state, instead of chasing false positives."
Key findings from the report include:
■ Development schedules are heavily impacted by vulnerabilities – 32.6% of respondents reported spending between 26% and 50% of their time fixing bugs instead of writing code, while 38.5% reported spending up to 60 minutes a day searching for solutions.
■ Incumbent security tools struggle to keep pace – 35.7% said there were "too many false positives" and 46.6% said incumbent tools "increase tech debt at a time when my team is already overworked."
■ Developers want features that provide additional insight – Seeing where each error originates was key to 51.7% of respondents and access to rich contextual information surrounding each error was important to 56.6% of respondents.
■ Adoption of AI-based tools was inevitable – Recent advancements in AI, increasingly sophisticated models and enhanced computing power are transforming the way developers approach application security. Developers also highlighted the transformative power of AI-based solutions in the survey, with an overwhelming 93.7% indicating the adoption of AI-based tools was inevitable and IT teams will need them to keep pace with today's dynamic cyber threat landscape.
However, staying ahead of the cyber threat curve requires unison between business and security teams. The report emphasizes the need for cyber teams to understand macro-organizational issues presented by business units.
Industry News
November 12, 2024
NetApp announced an expanded collaboration with Red Hat to offer new solutions to streamline and accelerate enterprise application development and management in virtual environments.
November 12, 2024
Akamai Technologies announced the Akamai App Platform, a ready-to-run solution that makes it easy to deploy, manage, and scale highly distributed applications.
November 12, 2024
Snyk has acquired Probely, a modern Dynamic Application Security Testing (DAST) provider based in Porto, Portugal, with coverage of API security testing and web applications.
November 07, 2024
Broadcom announced the general availability of VMware Tanzu Platform 10 that establishes a new layer of abstraction across Cloud Foundry infrastructure foundations to make it easier, faster, and less expensive to bring new applications, including GenAI applications, to production.
November 07, 2024
Tricentis announced the expansion of its test management and analytics platform, Tricentis qTest, with the launch of Tricentis qTest Copilot.
November 07, 2024
Redgate is introducing two new machine learning (ML) and artificial intelligence (AI) powered capabilities in its test data management and database monitoring solutions.
November 07, 2024
Upbound announced significant advancements to its platform, targeting enterprises building self-service cloud environments for their developers and machine learning engineers.
November 07, 2024
Edera announced the availability of Am I Isolated, an open source container security benchmark that probes users runtime environments and tests for container isolation.
November 06, 2024
Progress announced 10 years of partnership with emt Distribution — a leading cybersecurity distributor in the Middle East and Africa.
November 06, 2024
Port announced $35 million in Series B funding, bringing its total funding to $58M to date.
November 05, 2024
Parasoft has made another step in strategically integrating AI and ML quality enhancements where development teams need them most, such as using natural language for troubleshooting or checking code in real time.
November 05, 2024
MuleSoft announced the general availability of full lifecycle AsyncAPI support, enabling organizations to power AI agents with real-time data through seamless integration with event-driven architectures (EDAs).
November 05, 2024
Numecent announced they have expanded their Microsoft collaboration with the launch of Cloudpager's new integration to App attach in Azure Virtual Desktop.
November 04, 2024
Progress announced the completion of the acquisition of ShareFile, a business unit of Cloud Software Group, providing a SaaS-native, AI-powered, document-centric collaboration platform, focusing on industry segments including business and professional services, financial services, industrial and healthcare.
