Cisco AppDynamics DevSecOps Maturity Self‑Assessment
DevSecOps maturity leads to results. ESG research shows that organizations with a more mature DevSecOps strategy improved collaboration between development and security teams, regardless of topic.
This free assessment, based on a survey of 500 of your peers, shows where your organization stands in relation to ESG's DevSecOps maturity spectrum. Based on your results, you'll see next steps to accelerate your organization's DevSecOps processes in order to create an optimized environment that will deliver code faster and securely.
Assessment and benchmark
research powered by ESG
Cisco AppDynamics DevSecOps Maturity Self‑Assessment
- People
- Process
- Technology
Please use the sliding scale to answer the following question:
Roughly what percentage of developer staff, if any, have received formal, company-funded technical training specifically for cybersecurity proficiency/to earn security certifications?
Please rate your level of agreement with the following statements:
Our dev team views the security team as a hindrance and avoids them.
- Strongly Agree
- Agree
- Neutral
- Disagree
- Strongly Disagree
- Don't Know
My cybersecurity team lacks critical mass of analysts equipped to implement "security-as-code".
- Strongly Agree
- Agree
- Neutral
- Disagree
- Strongly Disagree
- Don't Know
All questions must be completed before continuing
When in the software delivery lifecycle does the dev team collaborate with the security team?
Select all that apply »Do members of the security team participate in the agile software development process (e.g., attends daily scrums, authors user stories, implements user stories)?
Do your organization's agile sprints include cybersecurity specific user stories?
All questions must be completed before continuing
What proportion of your organization’s cloud-resident server workloads are treated as immutable infrastructure?
Please rate your level of agreement with the following statements:
My organization has the right cloud-native security policies, processes, and technologies.
- Strongly Agree
- Agree
- Disagree
- Strongly Disagree
- Don't Know
All questions must be completed before continuing
Please rate your level of agreement with the following statements:
"Security-as-code" will be the dominant cybersecurity model within the next 24 months.
- Strongly Agree
- Agree
- Neutral
- Disagree
- Strongly Disagree
- Don't Know
Cloud-native applications require a more automated method of applying security throughout their lifecycle (i.e., development, integration, delivery, and runtime).
- Strongly Agree
- Agree
- Disagree
- Strongly Disagree
- Don't Know
Has your organization created/allocated a DevSecOps budget?
All questions must be completed before continuing
Has your organization automated any of the following security practices via integration with DevOps tools and processes?
Yes | No, but planned in the next 12-24 months | No | Don't Know | |
---|---|---|---|---|
Identify and remediate configuration and software vulnerabilities before deployment to production | ||||
Composition analysis to create a "bill of materials" for a source code branch | ||||
Static (SAST) and/or dynamic (DAST) analysis to identify inadvertently introduced organic vulnerabilities | ||||
Logging of all changes for compliance audits (i.e., compliance-as-code) | ||||
Identify and remediate malware before deployment to production | ||||
Discover and inspect APIs in source code |
Yes | No, but planned in the next 12-24 months | No | Don't Know | |
---|---|---|---|---|
Apply runtime API security controls | ||||
Apply runtime threat prevention controls (e.g., anti-malware, application control, virtual patching, intrusion prevention) | ||||
Apply controls which can detect anomalous activity (i.e., intrusion detection) | ||||
Apply access controls to segment inter-workload/communication access controls (e.g., micro-segmentation) | ||||
Apply controls which capture system activity for incident response, forensics, and threat hunting |
All questions must be completed before continuing
Cisco AppDynamics DevSecOps Maturity Self‑Assessment Summary
This is where you stand today:
-
Siloed
Bottom 40% of the market with a score of 47.5 points or less
-
Converging
The middle 40% of the market with a score of 47.75 to 69.75 points
-
Collaborating
Your organization is in the top 20% of the market with a score of 78 points out of 100 points
Why it matters:
Please provide the information below to see your personalized results. You will then be able to download your results directly.
Thank you. Click below to download your results.