Dynatrace：2023可观察性和安全性的融合对于实现DevSecOps的潜力至关重要（英文版）（63页）.pdf

1、2023 DynatraceThe convergence of observability and security is critical to realizing DevSecOps potential Dynatrace CISO report 2023Whats insideCHAPTER 1Increased complexity makes cloud environments more difficult to secure CHAPTER 2Fragmented tool sets and manual application security processes erode

2、 confidence and productivityCHAPTER 3Modern development and delivery practices make it difficult to get ahead of zero-day vulnerabilitiesCHAPTER 4Tool sprawl and team silos hinder DevSecOps practicesCHAPTER 5DevSecOps practices remain immatureCONCLUSIONThe Dynatrace differenceAPPENDIXMethodology and

3、 global data summaryIntroductionOrganizations are increasingly adopting DevSecOps practices to drive faster innovation without amplifying security risk.These practices unite development,security,and operations teams and empower them to deliver more secure software at every stage of the development l

4、ifecycle.Most of these efforts remain relatively immature,however,as development,security,and operations teams continue to work in silos and rely on their own patchwork of point tools to manage their individual tasks.Further,teams move security responsibilities to development and pre-production(also

5、 known as“shifting left”)and verify security for applications deployed in production runtimes(or“shifting right”)in isolation,rather than as a collective effort.These activities can create inefficiencies that undercut DevSecOps effectiveness.Critical vulnerabilities can also escape into production m

6、ore easily and often,exposing the organization to unnecessary risk.This report explores these challenges and highlights how chief information security officers(CISOs)can overcome them by unifying observability and security to support more effective data-driven DevSecOps automation.DevOpsSecDynatrace