Developers get more confident in security but are still spending too much time on it

No Comments

New research shows increasing confidence among developers at large organizations with regards to knowledge gained from security training, but they are still spending a considerable amount of time on security-related tasks.

The study from Checkmarx looks at the current practices of development teams in large enterprises as they work toward more mature states of development, security and operations (DevSecOps).

It finds 21 percent of developers surveyed say that security is their top priority when coding. 99.6 percent of developers have access to security training and of those, 90 percent rank the effectiveness of the training they receive as medium or high.

In addition 41.53 percent of responding developers report that they understand the vulnerability tickets they receive, as well as how the vulnerability manifests during runtime, for 41 to 60 percent of the time.

Security is time consuming though, 72 percent of developers say they spend more than 17 hours each week on security-related tasks and one in four spends more than 25 hours.

"The massive increase in the number of development teams and DevOps pipelines within large organizations shows how critical it is for DevOps and security teams to build a shared culture for successful collaboration," says Martin Lindsay, vice president of regional marketing at Checkmarx. "With the ultimate goal of delivering high-performing code -- which, by definition is secure code -- these two teams are finding that improving the developer experience with application security is just the first step and that security must find a way to match the pace of agile development."

From the enterprise perspective the study finds that most large organizations are working towards and committed to achieving mature DevSecOps. 30 percent have moved beyond focusing only on the developer experience to building more sophisticated processes while 28.3 percent are tracking mean time to remediate as a metric. 45 percent are measuring code security and 46.27 percent are tracking ability to meet deadlines.

The full report is available from the Checkmarx site.

Image credit: Vadymvdrobot/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Elon Musk merges xAI with X to distract from Twitter debt disaster and Donald Trump backlash

Exploring the security risks underneath generative AI services

This mechanical keyboard is just $10 on Amazon -- but you need to act fast!

The hidden cost of legacy systems: How they hinder ROI and digital transformation

Over 60 percent of malicious traffic targets retailers ahead of PCI DSS 4.0 deadline

Beyond traditional metrics: How to redefine AI success

Best Windows apps this week

Most Commented Stories

Windows 25 solves Windows 11's biggest problem -- download it now

66 Comments

'It just works': AcreetionOS is the easy-to-use alternative to Windows 10/11 -- switch to it now

48 Comments

Forget Windows 11 -- ReactOS, the Microsoft-free Windows operating system, just got a massive update! Download it now

19 Comments

Windows 20 is the upgrade Windows 11 should have been -- download it now

16 Comments

Microsoft is ready to create more annoyance by rolling out OneDrive ads to Office users

14 Comments

Forget Google Chrome and Firefox, LibreWolf is the privacy focused browser you've been looking for

13 Comments

Forget Windows 11 and try AerynOS instead -- this new Linux distro just got a fresh ISO and powerful updates

12 Comments

Microsoft admits that a recent Windows update may have made your printer act erratically

9 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.