Wednesday, 05 May 2021 22:39

GitLab DevSecOps research shows pandemic energised work on Kubernetes, ML, and cloud


GitLab released its fifth annual DevSecOps survey today showing the COVID-19 pandemic enforced the broad adoption of remote work, which in turn energised teams to focus on embracing cutting edge DevOps technologies such as Kubernetes, machine learning/artificial intelligence (ML/AI) and cloud computing.

The survey also shows 60% of developers are now releasing code twice as fast with these technology adoptions, though roadblocks remain to be navigated before achieving true DevSecOps.

GitLab provides a single application for the DevOps lifecycle and has been tracking how roles across software development teams have changed as DevOps teams mature.

Its fifth annual survey was conducted across 4,294 software professionals from January to early March 2021. The margin of error is 1%, based on 27 million software professionals and a 95% confidence level.

“This year’s Global DevSecOps Survey shows that 2020 was a catalyst for DevOps maturation,” said Eric Johnson, CTO at GitLab. “Teams worldwide worked to streamline development cycles and deliver faster release time than ever before, all while adjusting to remote work and shifting priorities to meet the high demands of last year. We believe we will see improvements in testing as more teams adopt tools to automate the parts of DevSecOps that have continuously caused cycles to slow down.”

Perhaps unsurprisingly to any development team, the report found software testing and code review continue to be sticking points. However, the challenges are handled in widely divergent ways. 75% of respondents report they use or plan to use ML/AI for testing and code review, increasing from 41% in 2020.


Similarly, 55% of operations teams report their lifecycles are either completely or mostly automated, up from 8% in 2020.

The time savings gained by automation efficiencies allows DevOps teams to address other priorities, with 56% of operations professionals now report their first priority is managing cloud services and they are spending more time on compliance than they did in 2020.

84% of developers state they are releasing code faster in 2021 than ever before. This is credited to tools like source code management and continuous integration and continuous deployment (CI/CD) pipelines. 12% of respondents said adding a DevOps platform has sped up the process and 57% of respondents said code is released twice as fast. 19% said code is released at a tenfold increase.

Despite the accelerated release cycle, over 42% of respondents felt security testing is happening too late in the process. 37% said tracking the status of bug fixes is challenging, and 33% found it difficult to prioritise remediations. These results are in line with the 2020 survey results and indicate a reactive approach to security in the development process, and that little progress is being made in this area.

The survey also revealed developer roles taking on more responsibility for what were traditionally operations- and security-related tasks. Over 70% of security professionals reported their teams have moved security considerations earlier into the development. 53% of developers reported running static application security testing scans, and 44% reported running dynamic application security testing.

Respondents indicated an improvement in their view of the company's security posture, but research indicates organisations still struggle with determining who is actually in charge of security. Almost 31% reported security teams were fully responsible, while 28% said everyone is responsible. These results are unchanged from last year and demonstrate clarity is required.

“While the industry has continued integrating security into development, and organisations are beginning to improve security overall, our research shows that a more clear delineation of responsibilities and adoption of new tools is required to completely shift security left,” said Johnathan Hunt, vice president of security at GitLab. “In the future, we hope to see security teams find more ways to lay out clear expectations for the other members of their organisation, and continue to adopt innovative technologies for scanning and code reviews to improve speed and quality of development cycles.”

Overall, the GitLab research proves DevSecOps practices have gained great strides, but more work is to be done when it comes to organising and coordinating responsibility between developer, security, and operations teams.


Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News