Developers get more confident in security but are still spending too much time on it

No Comments

New research shows increasing confidence among developers at large organizations with regards to knowledge gained from security training, but they are still spending a considerable amount of time on security-related tasks.

The study from Checkmarx looks at the current practices of development teams in large enterprises as they work toward more mature states of development, security and operations (DevSecOps).

It finds 21 percent of developers surveyed say that security is their top priority when coding. 99.6 percent of developers have access to security training and of those, 90 percent rank the effectiveness of the training they receive as medium or high.

In addition 41.53 percent of responding developers report that they understand the vulnerability tickets they receive, as well as how the vulnerability manifests during runtime, for 41 to 60 percent of the time.

Security is time consuming though, 72 percent of developers say they spend more than 17 hours each week on security-related tasks and one in four spends more than 25 hours.

"The massive increase in the number of development teams and DevOps pipelines within large organizations shows how critical it is for DevOps and security teams to build a shared culture for successful collaboration," says Martin Lindsay, vice president of regional marketing at Checkmarx. "With the ultimate goal of delivering high-performing code -- which, by definition is secure code -- these two teams are finding that improving the developer experience with application security is just the first step and that security must find a way to match the pace of agile development."

From the enterprise perspective the study finds that most large organizations are working towards and committed to achieving mature DevSecOps. 30 percent have moved beyond focusing only on the developer experience to building more sophisticated processes while 28.3 percent are tracking mean time to remediate as a metric. 45 percent are measuring code security and 46.27 percent are tracking ability to meet deadlines.

The full report is available from the Checkmarx site.

Image credit: Vadymvdrobot/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Install Linux on your old PC to save it from the landfill this Earth Day

Enterprises change how they manage cyber risk

What does the future of AI-powered software development look like -- and how secure is it?

Four common AI pitfalls -- and how to avoid them

Identity verification shifts in 2025 and what they mean for business and consumers [Q&A]

Google warns DOJ breakup plan could destroy Android and Chrome -- plus hurt the US economy

TrueNAS 25.04 ‘Fangtooth’ debuts with Linux foundation and unified SCALE and CORE codebase

Most Commented Stories

Linux Mint Debian Edition 7 gets OEM support -- does that signal the impending death of Ubuntu-based Mint?

45 Comments

Forget Windows 11 -- ReactOS, the Microsoft-free Windows operating system, just got a massive update! Download it now

19 Comments

Windows 11 finally gets a proper Start menu with this Quantum upgrade -- install it now

15 Comments

Forget Windows 11 and try AerynOS instead -- this new Linux distro just got a fresh ISO and powerful updates

12 Comments

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.9.1

9 Comments

Elon Musk merges xAI with X to distract from Twitter debt disaster and Donald Trump backlash

9 Comments

Microsoft launches new Windows 11 roadmap page so you can see what it has planned for the operating system

9 Comments

Microsoft releases KB5055523 update to fix a glut of Windows 11 problems

7 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.