GitLab Survey Reveals Tension Around AI, Security, and Developer Productivity within Organizations
GitLab's 8th annual Global DevSecOps Report reveals mixed sentiments on AI, security, and productivity among 5,300 surveyed stakeholders. While 69% of CxOs report doubling their software shipping speed compared to last year, AI integration remains low at 26%. Key findings include a significant disparity in perceptions of AI risks and training needs between executives and staff. Additionally, 67% of developers use code from open-source libraries, but only 21% of organizations document their software composition with SBOMs. Organizational red tape hinders quick vulnerability fixes, and differing tool usage slows development velocity. The report underscores the need for improved collaboration and technology adoption to bridge these gaps.
- 69% of CxOs report shipping software twice as fast as last year.
- 99% of CxOs believe developer productivity aids business growth.
- 74% of AI-using organizations want to consolidate their toolchain to improve efficiency.
- Only 26% of respondents have implemented AI.
- 52% of security professionals report red tape delays vulnerability fixes.
- 45% of CxOs don’t measure developer productivity against business outcomes.
- Only 21% of organizations use SBOMs despite high reliance on open-source code.
- 54% of developers use 6-14 tools, slowing down development velocity.
- CxOs and staff are not aligned on the topics of AI, risk, and training
- Efforts to fix security vulnerabilities are hindered by organizational red tape
- Leadership understands the importance of developer productivity for organizational success but isn’t measuring it against business outcomes
- While most companies are shipping software twice as fast as last year, toolchain sprawl is hindering velocity
SAN FRANCISCO, June 25, 2024 (GLOBE NEWSWIRE) -- ALL REMOTE -- GitLab Inc., the most comprehensive AI-powered DevSecOps platform, today released its 8th annual Global DevSecOps Report on the current state of software development. In April 2024, GitLab surveyed over 5,300 CxOs, IT leaders, developers, and security and operations professionals worldwide on their successes, challenges, and main priorities for implementing DevSecOps.
The report underscores the mixed sentiments surrounding security, developer productivity, and AI's role as a catalyst and a potential risk. It also reveals differing priorities and concerns between CxOs and individual contributors.
Global CxOs (
Other key themes include:
Perceptions of AI risk, training, and skills vary between executives and staff
56% of CxOs said introducing AI into the software development lifecycle is risky, while only40% of individual contributors cited concerns about privacy and data security as a top obstacle to using AI in the software development lifecycle.35% of CxOs identified the lack of an appropriate skill set to employ AI or interpret AI output as an obstacle to using AI, but only26% of individual contributors agreed.25% of individual contributors said their organizations don’t provide adequate training and resources for using AI; however, only15% of CxOs felt the same way.
Software supply chain security is a potential weak spot
67% of individual contributors said a quarter or more of the code they work on is from open source libraries — but only21% of organizations are currently using a software bill of materials (SBOM) to document the composition of their software.52% of security professionals said organizational red tape often slows their efforts to fix vulnerabilities quickly.55% of security professionals report that they most commonly discover vulnerabilities after code is merged into a test environment.
CxOs consider developer productivity a critical operational metric—but are unsure how to measure it
99% of CxOs responded that developer productivity could help their business in some way, with57% reporting that measuring it is key to business growth.51% of CxOs said their current methods for measuring developer productivity are flawed or want to measure it but aren’t sure how, while45% of CxOs aren’t even measuring developer productivity against business outcomes.
Too many tools are slowing down development velocity
52% of CxOs said their teams use 2-5 tools for software development, while54% of individual contributors report their teams use 6-14 tools, representing another disconnect within organizations.74% of respondents whose organizations are currently using AI for software development said they want to consolidate their toolchain, compared to57% of those who aren’t using AI.- Only
17% of respondents overall have already begun consolidation efforts.
“As we navigate the rapidly evolving landscape of software innovation, it’s evident that a disconnect remains between organizational leadership and developers on critical topics such as risk management and training. This gap is further exacerbated by red tape that can hinder efforts to fix issues quickly,” said Ashley Kramer, GitLab chief marketing and strategy officer. “While it’s encouraging to see organizations doubling their software shipping speed in just a year, and no doubt AI has played a part, it’s imperative that organizations bridge these gaps with technology. They can drive even more innovation if they acknowledge the issues and collaborate to address them.”
To access the full 2024 DevSecOps Report, click here.
About GitLab
GitLab is the most comprehensive AI-powered DevSecOps platform for software innovation. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 30 million registered users and more than
Methodology
The report was commissioned by GitLab and conducted by Omdia. The survey was distributed via GitLab’s social media channels and email lists, and Omdia conducted panel sampling to reduce bias in the sample. Responses were collected from 5,315 software professionals worldwide in April 2024.
Media Contact
GitLab Inc.
press@gitlab.com
Photos accompanying this announcement are available at:
https://www.globenewswire.com/NewsRoom/AttachmentNg/381c54d8-4584-4ec5-bc7e-c75ce7b31c8d
https://www.globenewswire.com/NewsRoom/AttachmentNg/42087f1e-bfad-42cd-b5dc-12232d2be85e
FAQ
What did GitLab's 2024 DevSecOps Report reveal about software shipping speeds?
How many organizations have implemented AI according to GitLab's report?
What are the main obstacles to AI adoption in software development as per GitLab's report?
How does organizational red tape affect security efforts according to GitLab's survey?
What does GitLab's 2024 report say about tool usage in software development?
What does GitLab's report indicate about the use of SBOMs?