GitLab Survey Reveals Tension Around AI, Security, and Developer Productivity within Organizations

Rhea-AI Summary

GitLab's 8th annual Global DevSecOps Report reveals mixed sentiments on AI, security, and productivity among 5,300 surveyed stakeholders. While 69% of CxOs report doubling their software shipping speed compared to last year, AI integration remains low at 26%. Key findings include a significant disparity in perceptions of AI risks and training needs between executives and staff. Additionally, 67% of developers use code from open-source libraries, but only 21% of organizations document their software composition with SBOMs. Organizational red tape hinders quick vulnerability fixes, and differing tool usage slows development velocity. The report underscores the need for improved collaboration and technology adoption to bridge these gaps.

Positive

• 69% of CxOs report shipping software twice as fast as last year.
• 99% of CxOs believe developer productivity aids business growth.
• 74% of AI-using organizations want to consolidate their toolchain to improve efficiency.

Negative

• Only 26% of respondents have implemented AI.
• 52% of security professionals report red tape delays vulnerability fixes.
• 45% of CxOs don’t measure developer productivity against business outcomes.
• Only 21% of organizations use SBOMs despite high reliance on open-source code.
• 54% of developers use 6-14 tools, slowing down development velocity.

• CxOs and staff are not aligned on the topics of AI, risk, and training
  
• Efforts to fix security vulnerabilities are hindered by organizational red tape
• Leadership understands the importance of developer productivity for organizational success but isn’t measuring it against business outcomes
• While most companies are shipping software twice as fast as last year, toolchain sprawl is hindering velocity

SAN FRANCISCO, June 25, 2024 (GLOBE NEWSWIRE) -- ALL REMOTE -- GitLab Inc., the most comprehensive AI-powered DevSecOps platform, today released its 8th annual Global DevSecOps Report on the current state of software development. In April 2024, GitLab surveyed over 5,300 CxOs, IT leaders, developers, and security and operations professionals worldwide on their successes, challenges, and main priorities for implementing DevSecOps.

The report underscores the mixed sentiments surrounding security, developer productivity, and AI's role as a catalyst and a potential risk. It also reveals differing priorities and concerns between CxOs and individual contributors.

Global CxOs (69%) say they are shipping software at least twice as fast as a year ago, highlighting that acceleration is underway. However, only 26% of respondents report implementing AI.

Other key themes include:

Perceptions of AI risk, training, and skills vary between executives and staff

• 56% of CxOs said introducing AI into the software development lifecycle is risky, while only 40% of individual contributors cited concerns about privacy and data security as a top obstacle to using AI in the software development lifecycle.
• 35% of CxOs identified the lack of an appropriate skill set to employ AI or interpret AI output as an obstacle to using AI, but only 26% of individual contributors agreed.
• 25% of individual contributors said their organizations don’t provide adequate training and resources for using AI; however, only 15% of CxOs felt the same way.
  

Software supply chain security is a potential weak spot

• 67% of individual contributors said a quarter or more of the code they work on is from open source libraries — but only 21% of organizations are currently using a software bill of materials (SBOM) to document the composition of their software.
• 52% of security professionals said organizational red tape often slows their efforts to fix vulnerabilities quickly.
• 55% of security professionals report that they most commonly discover vulnerabilities after code is merged into a test environment.
  

CxOs consider developer productivity a critical operational metric—but are unsure how to measure it

• 99% of CxOs responded that developer productivity could help their business in some way, with 57% reporting that measuring it is key to business growth.
• 51% of CxOs said their current methods for measuring developer productivity are flawed or want to measure it but aren’t sure how, while 45% of CxOs aren’t even measuring developer productivity against business outcomes.

Too many tools are slowing down development velocity

• 52% of CxOs said their teams use 2-5 tools for software development, while 54% of individual contributors report their teams use 6-14 tools, representing another disconnect within organizations.
• 74% of respondents whose organizations are currently using AI for software development said they want to consolidate their toolchain, compared to 57% of those who aren’t using AI.
• Only 17% of respondents overall have already begun consolidation efforts.
  

“As we navigate the rapidly evolving landscape of software innovation, it’s evident that a disconnect remains between organizational leadership and developers on critical topics such as risk management and training. This gap is further exacerbated by red tape that can hinder efforts to fix issues quickly,” said Ashley Kramer, GitLab chief marketing and strategy officer. “While it’s encouraging to see organizations doubling their software shipping speed in just a year, and no doubt AI has played a part, it’s imperative that organizations bridge these gaps with technology. They can drive even more innovation if they acknowledge the issues and collaborate to address them.”

To access the full 2024 DevSecOps Report, click here.

About GitLab
GitLab is the most comprehensive AI-powered DevSecOps platform for software innovation. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 30 million registered users and more than 50% of the Fortune 100 trust GitLab to ship better, more secure software faster.

Methodology
The report was commissioned by GitLab and conducted by Omdia. The survey was distributed via GitLab’s social media channels and email lists, and Omdia conducted panel sampling to reduce bias in the sample. Responses were collected from 5,315 software professionals worldwide in April 2024.

Media Contact
GitLab Inc.
press@gitlab.com

Photos accompanying this announcement are available at:

https://www.globenewswire.com/NewsRoom/AttachmentNg/381c54d8-4584-4ec5-bc7e-c75ce7b31c8d

https://www.globenewswire.com/NewsRoom/AttachmentNg/42087f1e-bfad-42cd-b5dc-12232d2be85e

FAQ

What did GitLab's 2024 DevSecOps Report reveal about software shipping speeds?

The report found that 69% of CxOs say they are shipping software at least twice as fast as a year ago.

How many organizations have implemented AI according to GitLab's report?

Only 26% of the surveyed respondents reported implementing AI.

What are the main obstacles to AI adoption in software development as per GitLab's report?

The main obstacles include AI risks, lack of skills, and insufficient training and resources.

How does organizational red tape affect security efforts according to GitLab's survey?

52% of security professionals reported that organizational red tape often slows their efforts to fix vulnerabilities quickly.

What does GitLab's 2024 report say about tool usage in software development?

54% of individual contributors report their teams use 6-14 tools, which hinders development velocity.

What does GitLab's report indicate about the use of SBOMs?

Only 21% of organizations are currently using a software bill of materials to document their software composition.

How do CxOs view developer productivity as per GitLab's 2024 report?

99% of CxOs believe developer productivity can help their business, but many are unsure how to measure it effectively.