Get Puppet Enterprise First 10 nodes are free!
Try it now
Request a demo
Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Puppet Comply Find and prevent compliance failures
Compliance Enforcement Modules Remediate to stay in compliance
Continuous Delivery for Puppet Enterprise Build, test, and deploy infrastructure as code faster and easier
Content & Modules Pre-built scripts to automate common tasks
CentOS EOL Here’s how to secure your CentOS infrastructure – even after EOL.
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source PuppetPerfect for individuals and small infrastructure
BoltAutomate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
PORTLAND, Ore., Sept. 25, 2019 (GLOBE NEWSWIRE) -- Puppet, the standard for automating the delivery and operation of the software that powers everything around us, today announced the findings of the 2019 State of DevOps Report. Over the past eight years, Puppet has surveyed over 33,000 technical professionals to develop the longest-standing and most widely referenced DevOps research in the industry. This year, nearly 3,000 respondents from around the world participated in the report, which was written by Puppet, CircleCI and Splunk Inc.
The 2019 State of DevOps Report reveals patterns and practices that help organizations integrate security into the software development lifecycle. The report found that teams at higher levels of DevOps evolution have automated their security policies, and they involve the security experts in their organizations very early in the software development lifecycle — actually, from the planning and design phases.
Twenty-two percent of the firms at the highest level of security integration have reached an advanced stage of DevOps evolution compared to only 6 percent of the firms with no security integration. These firms have achieved not only the ability to ensure customer data stays safe but also to drive new products to market faster. “The DevOps principles that drive positive outcomes for software development — culture, automation, measurement and sharing — are the same principles that drive positive security outcomes,” said Alanna Brown, Senior Director of Community and Developer Relations at Puppet and author of the State of DevOps report. “Organizations that are serious about improving their security practices and posture should start by adopting DevOps practices.” The survey found:
“It shouldn’t be a surprise to anyone that integrating security into the software delivery lifecycle requires intentional effort and deep collaboration across teams,” said Michael Stahnke, VP of Platform Engineering, CircleCI. “What did surprise me, however, was that the practices that promote cross-team collaboration had the biggest impact on the teams’ confidence in the organization’s security posture. Turns out, empathy and trust aren’t automatable.”
“This year’s report reinforces Splunk’s belief on how important it is to take a collaborative and integrated approach to service delivery,” said Andi Mann, Chief Technology Advocate, Splunk. “The 2019 State of DevOps Report proves that aligning Development, IT Operations, SRE, Incident Response, Security, and Business Analytics teams across organizations enables all stakeholders to deliver improved, more secure software services.”
Firms that have integrated security at all stages of delivery collaborate early, often and most importantly, deeply. The survey revealed the top five practices that improve security posture are:
The full 2019 State of DevOps Report is available for download at https://puppet.com/resources/history-of-devops-reports. Sponsors of the report include Anitian, F5 Networks, and ServiceNow.
The survey collected data from technical professionals with a working knowledge of their IT operations and software delivery process. A third-party research firm, OnResearch, hosted the survey and conducted the data analysis. The resulting report was written by Puppet, CircleCI and Splunk. Splunk participation involved providing analysis and commentary to the report findings. All other opinions and writings in the report were completed by Puppet and CircleCI.
PERFORCE U.S. Grace Bonacum PAN Communications Ph: +16175024300 firstname.lastname@example.org
PERFORCE UK/EMEA Maxine Ambrose Ambrose Communications Ph: +441183280180 email@example.com