Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.
The PHP Landscape in 2024 - and the Growing Need to Consider Security and Compliance
July 09, 2024
The latest annual PHP Landscape report from Zend by Perforce provides insight into how PHP is being deployed and used, and also examines challenges such as managing end of life EOL software, and scrutiny of the 572 global respondents' concerns around and plans for security and compliance.
For example, respondents were asked about their confidence that their PHP applications are secure. On average, over half are very confident, 27% saying they are somewhat confident and just over 18% saying they are extremely confident. Only 1% are not at all confident.
Respondents were also asked to share their top app security tactics. On a scale of one to five, implementing strong authentication and access controls came out on top (4.38), closely followed by implementing and enforcing secure coding practices (4.35) and regularly applying security patches and updates in application dependencies (4.2). Monitoring and logging application activities for security incidents was rated at 3.99, with the fifth most popular tactical security measure being performing automated security scanning and testing (3.52).
Regulatory Requirements
The need to adhere to regulatory or industry requirements was noted by just under 55%, with the most prevalent being GPDR at almost 70% (with that figure rising to 95% in the UK and Europe and dropping to 45% in the US), followed by ISO27001, PCI DSS and internal compliance standards (each around 20%). In addition, approximately a quarter of UK and European PHP users mentioned the EU e-privacy directive.
When asked how well all global respondents are doing in meeting all their various compliance and regulatory needs, the majority are confidence: 57% very confident, 17% extremely confident, and 22% somewhat confident. Those not at all confident accounted for a mere 0.39%.
End of Life
PHP professionals also shared which versions of PHP they use, with an average of 2.43 different ones. The majority have completed one migration during the previous 12 months and almost 70% are planning another during 2024. PHP 8.2 was the most used version, at just over 57%, followed by PHP 9.1 (almost 54%), PHP 8 (46%), and PHP 7.4 (almost 48%). Even older versions are still in action.
That almost 55% are still working with at least one end-of-life (EOL) PHP version is a cause for concern since EOL software — if not supported — presents a genuine security risk. Among teams that indicated a lack of confidence in their PHP applications' security, over 70% also use EOL versions. While a significant risk, this deferring migration is understandable, though clearly not recommended. Migration takes effort and brings its challenges, with the top two migration pain points being refactoring and testing, each of these mentioned by approximately 37%.
Insight into PHP's Usage
Respondents were also asked about what types of PHP apps they build or deploy, and the answers varied, reflecting the diversity and flexibility of PHP's uses. Services or APIs took the top spot at 78%, followed by internal business applications at just over 64%. Content management was cited by 45%, e-commerce by just under 36%, and CRM/ERM and mobile backends were both mentioned by just under 30% of users.
Respondents were also asked what types of systems their PHP applications integrate with, and unsurprisingly, almost 95% quoted relational databases. Web APIs were the next most common selection, at just under 80%, with file systems taking third place at 70%. In addition, other categories, such as key-value storage, search services, and cache services, continued their year-on-year growth.
Where users deploy their PHP applications varies, and they may have several destinations. There is a fairly even split between cloud and on-premise, with the latter at just under 50%. That figure rises for larger organizations (64%) compared to just over 45% for smaller companies. This is a reversal of the report's findings in the past few years, indicating that many are returning on-premises.
Top Priorities
The survey also looked at users' PHP priorities. Over 42% spend three-quarters of their time developing new features and a quarter on application maintenance. A further 28% split their time fairly evenly between maintenance and feature development. Overall, the survey found that around 85% are spending their time developing new features. While this is encouraging, reducing their maintenance and migration burden in the future could make even better use of their capacity and skills.
Regardless, the report's finding make it clear that without doubt PHP is alive and kicking and, despite some challenges — including security, compliance and EoL software — it continues to evolve and mature, earning its place across multiple areas within today's organizations.
Industry News
November 20, 2024
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:
November 20, 2024
Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.
November 20, 2024
Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.
November 19, 2024
OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.
November 19, 2024
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.
November 19, 2024
Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.
November 19, 2024
Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.
November 19, 2024
Rafay Systems announced new platform advancements that help enterprises and GPU cloud providers deliver developer-friendly consumption workflows for GPU infrastructure.
November 19, 2024
Apiiro introduced Code-to-Runtime, a new capability using Apiiro’s deep code analysis (DCA) technology to map software architecture and trace all types of software components including APIs, open source software (OSS), and containers to code owners while enriching it with business impact.
November 19, 2024
Zesty announced the launch of Kompass, its automated Kubernetes optimization platform.
November 18, 2024
MacStadium announced the launch of Orka Engine, the latest addition to its Orka product line.
November 18, 2024
Elastic announced its AI ecosystem to help enterprise developers accelerate building and deploying their Retrieval Augmented Generation (RAG) applications.
November 18, 2024
Red Hat introduced new capabilities and enhancements for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes, as well as the technology preview of Red Hat OpenShift Lightspeed.
November 18, 2024
Traefik Labs announced API Sandbox as a Service to streamline and accelerate mock API development, and Traefik Proxy v3.2.
