The State of DevSecOps: Navigating Speed, Friction, and AI
https://www.cybersecurity-insiders.com/the-state-of-devsecops-navigating-speed-friction-and-ai/
Publish Date: 2026-05-01 02:33:00
Source Domain: www.cybersecurity-insiders.com
The DevSecOps landscape is undergoing significant transformation as organizations strive to balance development speed with security and operational efficiency. The research from Black Duck’s “Balancing AI Usage and Risk in 2025: The Global State of DevSecOps” report provides critical insights into the challenges and opportunities facing DevSecOps teams today.
Based on a comprehensive survey of over 1,000 global software and security professionals, this report sheds light on the ongoing tension between development speed and security, the issue of tool sprawl, and the double-edged nature of artificial intelligence (AI) in DevSecOps.
Achieving Speed at the Cost of Security?
One of the most striking findings from the report is the speed at which organizations are now deploying code. Nearly 60% of organizations deploy code daily or even multiple times a day. However, this speed rests on a fragile foundation. Security practices remain immature, with 46% of companies still relying on manual processes to get new code into the security testing queue. This automation gap means many businesses are unaware of their vulnerabilities, with 62% of organizations testing less than 60% of their applications.
The result is a growing security debt that accumulates with every release. As organizations continue to prioritize speed, they risk leaving their software vulnerable to potential threats. This highlights the need for better integration of security practices into the development lifecycle.
The Tool Sprawl Crisis
In an attempt to address complex threats, many organizations have adopted a multi-tool approach to application security testing (AST). However, this strategy has led to unintended consequences. Over 71% of respondents reported that a significant portion of their security alerts is “noise”: false positives, unclear findings, or duplicate findings from different tools. This flood of useless information is not only…