We are still in the early days of including security in continuous integration (CI), continuous delivery (CD), and DevOps workflows. Given that only half of enterprise deployments include security testing elements today, there’s still plenty of room for improvement.
Enterprises implementing CI, CD, and DevOps releases are working with large-scale infrastructures, focusing on faster releases with sizeable code changes. As a result, scaling application security testing can be a complex process. However, despite the misconception that security slows down software releases, organizations can actually reduce risk and save themselves rework headaches by considering and implementing security activities early in the SDLC.