“DevSecOps has moved security front and center in the world of modern
development; however, security and development teams are driven by different metrics, making objective alignment challenging. This is further exacerbated by the fact that most security teams lack an understanding of modern application development practices. The move to microservices-driven architectures and the use of containers and
serverless has shifted the dynamics of how developers build, test, and deploy code.
As a result, a convergence of application security tools is underway. Organizations are overwhelmed with the amount of and overlap in issues raised from multiple testing tools, complicating prioritization and mitigation, so integrated application security platforms are desired. In order to gain insight into these trends, ESG surveyed 378 IT, cybersecurity, and application development professionals at organizations in North America (US and Canada) involved with securing application development tools and processes”.