The DevOps Pulse is Logz.io’s annual analysis of the DevOps industry highlighting key trends, points of interest, and challenges that DevOps and IT Operations professionals experience on a daily basis.
This year, over 1,000 IT professionals across the globe provided their insights on how DevOps is changing and expanding on an international level throughout various industries.
Logz.io is an intelligent log analytics platform that combines ELK as a cloud service and sophisticated machine learning to derive new insights from machine data.
If you have any questions, we invite you to e-mail us at: email@example.com
Each year, the DevOps Pulse homes in on an area of particular concern to the DevOps community. With GDPR now enforceable and worldwide organizational concerns over security and data privacy, there is no better time to focus on security.
That’s why this year’s DevOps Pulse Survey explores the usual trends in DevOps along with a dedicated section devoted to security and its implementation in DevOps organizations.
54% of organizations use DevOps personnel to handle security incidents. This is closely followed by specialized Security Operations.
However, more than half of respondents have trouble recruiting talent for security roles, revealing a major skills gap affecting many technical organizations.
Despite the fact that DevOps teams handle security, it seems that there is still a tremendous learning curve in implementing DevOps security best practices.
53% do not practice DevSecOps, and the vast majority do not have a good understanding of DevSecOps best practices or the tool set to help its implementation.
Container orchestration has grown dramatically in the past two years. In 2016, 72% of DevOps Pulse respondents did not use container orchestration services.
Today the number of respondents using Kubernetes has increased tremendously to almost 34%, while Docker Swarm remains a solid alternative at close to 15%.
In 2016, more than 80% of DevOps Pulse respondents had a CI/CD strategy, were in the process of implementing one, or were considering the possibility.
By 2018, the numbers increased with 91% already in the process or thinking about implementing CI and 85% already in the process or thinking about implementing CD. At this point, about 67% have fully implemented CI, and about 53% have fully implemented CD.
DevOps teams are still struggling to bring security into the mix. The majority of DevOps professionals report that they are not practicing DevSecOps and that there is a lack of knowledge and tools to help in this area.
We believe this will change in the near future.
As organizations begin to understand the growing impact security has on the application release cycle, as well as on compliance, a larger focus will be placed on adding the “sec” into the “dev” and the “ops”.
To facilitate this, these organizations will be able to make use of a growing number of DevSecOps best practices, as well as specified tooling. Automated security, code dependency scanning, threat assessments and developer training are just some of the methodologies that we expect to see increasingly in practice by the end of 2018.