Security professionals know they must implement and maintain strategies to get closer to a DevSecOps, or even DevOps, approach if they are to defend against current threats. The coveted goal of DevSecOps considers security at the very beginning of the software development lifecycle (SDLC) and enables developers to share the responsibility without sacrificing speed. A key element of that is to shift security left - or rather start left - so that developers prioritize security alongside features and functionality. When it’s done right, security-skilled developers improve productivity by reducing vulnerabilities that create rework, maintain software release velocity, and ensure quality code without compromising innovation.

But, despite the vast array of security measures adopted by organizations, we continue to feel the repercussions of exploitable software vulnerabilities.

For the 2nd year, Secure Code Warrior has commissioned research with Evans Data Corp to survey 1,200 developers globally to understand the skills, perceptions, and behaviors when it comes to secure coding practices, and their impact and perceived relevancy in the SDLC.