Security for DevOps

Analyst Report

Securing cloud-native apps is driving investments in new controls such as API security, cloud security posture management, container security, and more.

ESG surveyed 371 IT and cybersecurity professionals with responsibility for cloud programs at organizations in North America to get their input on how their data protection and security standards are evolving due to the composition of their cloud applications.

Data protection in the cloud continues to grow at a significant rate, whether using serverless, Single Page Apps (SPA), or containers. However, the migration to the cloud breaks traditional security approaches. This report aligns with Data Theorem’s mission to help customers automate all aspects of AppSec.

Key Research Findings
  • Cloud-native applications are—and will continue to be—composed of heterogenous microservices deployed across hybrid clouds

  • Automating security via CI/CD integration—i.e., DevSecOps—is becoming the standard approach for securing cloud-native applications and is now a top requirement.

  • Businesses are shifting from product and organizational silos to an integrated and unified approach, with increased involvement of the cybersecurity team resulting in multiple influencers and buyers.

  • To enable a unified approach, buyers require solutions that secure the build-ship-run lifecycle and the entire technology stack, independent of deployment locality.

About Enterprise Strategy Group

The Enterprise Strategy Group (ESG) is an IT analyst, research, validation, and strategy firm that provides actionable insight and intelligence to the global IT community. Recognized for its unique blend of capabilities—including market research, hands-on technical product testing, economic validation, and strategy consulting services—ESG is relied upon by IT professionals, technology vendors, investors, and the media to clarify the complex.

Thanks!

Read the report here: