A SANS Survey: Rethinking the Sec in DevSecOps: Security as Code

List of the top AppSec trends and interesting new innovations in 2022.

The SANS survey shows that over half of 281 surveyed organisations across the world use three or more cloud platforms, but only one-third have automated cloud configuration via code and platform APIs.

As IT workloads shift to the cloud, security professionals must know how to read and write code, develop and deliver systems, and utilise modern software development tools to build guardrails, secure defaults into software, and detect security vulnerabilities.

Security as Code is the future of security, which involves reviewing infrastructure, understanding service configuration templates, learning how to use APIs and cloud security services, and writing automated tests and continuous compliance policies.

This survey focuses on application security and DevOps, which examines what security teams must know about using Security as Code in automated software development to meet high-velocity delivery demand and more.