GitLab devsecops survey finds progress, new priorities

GitLab’s recent survey of 5,315 devsecops professionals worldwide found that organizations are prioritizing investments in AI, security, and automation. But specific areas such as software supply chain security warrant particular attention, the company said.

Results of the survey, conducted in April, have been compiled into GitLab’s 2024 Global DevSecOps Report, which was announced June 25. Among the findings, 78% of respondents said they are currently using AI in software development or plan to in the next two years, an increase from 64% of respondents who said they were using or planning to use AI in development last year.

Regarding software supply chain security, 67% of respondents said that 25% or more of the code they work on is from open source libraries, but only 21% of organizations are currently using a software bill of materials to document their use of software components. On a more encouraging note, 67% of respondents said their software development life cycle is mostly or completely automated. 

The survey found that top IT investment priorities in 2024 include security, AI, devsecops, automation, and cloud computing. Cloud computing, the top priority in 2023, dropped to the number five spot. Nevertheless, the number of respondents who said they were running fewer than half of their apps in the cloud declined significantly, from 68% in 2023 to 43% in 2024. The survey also found that C-level executives appear to be optimistic about devsecops and the security benefits it is bringing to their organizations. C-level executives identified more secure applications as the top benefit of devsecops and devops.