According to Anna Arkhipova, Lead Business Development Manager

[tanjimajuha20]

Secure development in 2023 has become the theme of the year in Russia, said Vseslav Solenik, Director of Cybersecurity at Sbertech JSC, opening the online conference "Best Russian DevSecOps Practices". Alexey Astakhov, Head of Application Security Products at Positive Technologies PJSC, called the growth in demand for the implementation of DevSecOps practices a direct consequence of the fact that, within the framework of rapid import substitution, which is accompanied by an increase in cyberattacks and increased regulatory requirements, secure development is an additional guarantee of software quality.

Oleg Kazakov, Technical belgium whatsapp resource Director of Spectr LLC (formerly Digital Spectr), believes that the main driver for the implementation of DevSecOps is the growing requirements for software security and the increased pace of development itself: "The teams involved in product development are becoming larger, the complexity of the tasks is increasing, and in these conditions, without the systematic application of DevSecOps practices, it is becoming almost impossible to create secure software."

at ITD Group International Ltd, DevSecOps practices may even become mandatory in the near future, at least in some segments of the Russian software market. And Vitaly Lyutikov, Deputy Head of the FSTEC, noted at the BIS Summit 2023 conference that a significant portion of Russian developers do not comply with the agency's current regulations on the timely elimination of discovered vulnerabilities (30 or 60 days, depending on the criticality): "Technical support services of Russian vendors must respond to customer requirements with lightning speed, but more and more often a situation arises where feedback on security tools is insufficient."

"The main driver for the implementation of DevSecOps is the business need for speed and quality of functionality delivery to end users. At the moment, companies operate in a highly competitive environment, and speed is the strongest competitive advantage. By implementing the DevSecOps practice, a company moves vulnerability testing to an earlier stage of software development," says Alexey Statenin, Head of the QA Department at SimbirSoft LLC. "In general, the implementation and active use of DevSecOps seems important for all organizations involved in software development, regardless of their type. Some companies may use DevSecOps more actively if their business model or data security requirements require closer integration of software development, operation, and security processes."

Kamilla Sakaeva, Head of Secure Development at Softline PJSC, believes that using DevSecOps can be useful for any type of developer, regardless of their specialization, but internal employees of companies that develop corporate applications and systems may be more interested in using DevSecOps, since they work with confidential data and important business processes, where security is a critical aspect.