DevSecOps is helping organizations get better at automating security testing and improving security attributes of applications earlier in the development process. But at most organizations, it’s still a struggle to fold security tools into the DevOps-optimized software delivery pipeline. The majority of DevOps stakeholders still see security as an inhibitor to DevOps agility. The ratio of organizations that test applications throughout the development lifecycle compared to just in production has grown significantly in the past three years, Sonatype says.”]
Source: https://www.darkreading.com/application-security/the-true-state-of-devsecops