Security is strengthened by Platform Engineering

Survey respondents confirm built-in security and compliance are delivered by self-service platforms, along with efficiency and increased developer productivity.

  • Thursday, 21st March 2024 Posted 1 year ago in by Phil Alsop

Puppet by Perforce has published the findings of the global 2024 State of DevOps Report: The Evolution of Platform Engineering. This report follows the continued maturity of platform engineering, with 43% of respondents reporting they have had a platform team for at least 3-5 years.

Since 2012, the annual State of DevOps Report produced by Puppet has reported on trends that impact DevOps success. In 2023, Puppet shifted the report's focus to a trend in the space: platform engineering. Conducting an annual survey from around 500 individuals all working with or on a platform team, the 2024 report focuses on how platform engineering delivers efficiency, speed, and security to DevOps.

Key findings include:

Security is being built into the foundation of platform engineering, with far-reaching benefits for organizations who understand that Security is priority one.

43% of respondents say that their platform has a dedicated security and compliance team, highlighting the importance of proactive security management.

Most respondents report that the platform team has helped their company become more compliant.

51% of respondents say that platform teams are also responsible for enforcing software and tool versions for security updates.

Standardized automation unlocks the full potential of DevOps.

Organizations report an average of 3 self-service platforms operating internally, indicating expansion and maturity since last year's report.

"Automation," "productivity," and "standardized processes" are cited as the three top use cases that platform engineering helps solve.

66% report that automating workflows and processes "is in scope" for their growing platform engineering teams.

It's critical that developers are supported by the platform engineering team to do their best work. 

52% say that a product manager is crucial to the success of the platform team.

Respondents cite "increased productivity," "better quality of software," and "reduced lead time for deployment" as the top benefits that the platform team has delivered for developers.

65% of respondents report that the platform team is important and will receive continued investment.

"With the expanded scope of platform engineering, we're seeing security become a critical component of platforms from the start," said Kapil Tandon, VP of Product Management at Puppet by Perforce. "Security is everyone's responsibility, but it's notable that platform engineering has become a larger part of this critical work."

As the number of self-service platforms increase, the report also shows that most functions have moved onto a platform of their own — especially the security function "Platform engineering continues to enhance DevOps, and we are now seeing the impact on security and productivity." Tandon continues. 

Failure to prioritise testing and integrate generative AI tools raises concerns as agentic AI adds pressure.

CIOs 'overspend' on cloud

Posted 5 days ago by Phil Alsop
43% of CIOs say their CEOs and/or board of directors have concerns about their company’s cloud spend.
Research revealed at Coterie Connect event highlights shifting team structures, evolving skills priorities, and urgent training needed for partner...
Endava has launched its latest research report “AI and the Digital Shift: Reinventing the Business Landscape”.

3,000% surge in enterprise use of AI/ML tools

Posted 1 week ago by Phil Alsop
Zscaler has released the ThreatLabz 2025 AI Security Report, based on insights from more than 536 billion AI transactions processed between February...
Over one in four (28%) British small business owners have used AI tools to help run their business.

Tech fragmentation cited as biggest cyber challenge

Posted 1 week ago by Phil Alsop
New Palo Alto Networks data shows 82% of UK organisations confident in their use of AI, despite AI being identified as biggest cyber risk for 2025.
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data without decrypting it first.