GitLab Inc., a comprehensive DevSecOps Platform for software innovation, has released its 7th annual Global DevSecOps Report, “Security Without Sacrifices”. The report highlights the successes, challenges, and priorities for DevSecOps implementation based on a survey of over 5,000 IT leaders, CISOs, and developers from various industries, including financial services, automotive, healthcare, telecommunications, and technology.

The survey reveals that security continues to be a significant priority for organizations as the global threat landscape continues to grow. DevSecOps teams are becoming more aware of security as a shared responsibility, incorporating security earlier in the software development lifecycle, allowing development, security, and operations teams to work collaboratively instead of working in silos.

71% of security professionals said that a quarter or more of all security vulnerabilities are being captured by developers, up from 53% in 2022. Additionally, 38% of security professionals reported being part of a cross-functional team focused on security, up from 29% in 2022. However, 85% of security respondents reported having the same or less budget than 2022, highlighting the need to do more with less.

Artificial Intelligence (AI) and machine learning (ML) have become critical components of DevSecOps workflows, with 65% of developers using AI/ML in testing efforts or planning to use it in the next three years. Toolchain management continues to be a significant barrier to developer productivity, with 66% of survey respondents reporting a desire to consolidate their toolchains this year.

Respondents working within government entities globally noted slowed or stagnant software development despite the ongoing demand for improved digital experiences within the public sector. More than half of total government respondents said they are evaluating or purchasing a DevSecOps solution in one to three years.

“Organizations globally are seeking out ways to do more with less. This means that efficiency and security cannot be mutually exclusive when identifying opportunities to remain competitive,” said David DeSanto, Chief Product Officer at GitLab. “GitLab’s research shows that DevSecOps tools and methodologies allow leadership to better secure and consolidate their disparate, fragmented toolchains and reduce spend, while also freeing up development teams to spend time on mission-critical responsibilities and innovative solutions.”