According to our 2019 DevSecOps Community survey of over 5,500 IT professionals, just 24 percent of companies with mature DevOps practices have integrated and automate security into their DevOps pipeline — that drops to 3 percent for those without a DevOps practice. While the change to integrating security into the development process is a big culture shift, the benefits in security compliance and eventual cost savings, far outweigh the initial friction.
But, alas, that is a case for different posts and presentations.