• Image 01
  • Image 02
  • Image 03
  • Image 04
  • Image 05
  • Image 06
Need assistance? Contact Us: 1-800-255-5897

Menu

  • Home
  • About Us
    • Company Overview
    • Management Team
    • Board of Directors
  • Your Loan Service Center
  • MAKE A PAYMENT
  • Business Service Center
  • Contact Us
  • Home
  • About Us
    • Company Overview
    • Management Team
    • Board of Directors
  • Your Loan Service Center
  • MAKE A PAYMENT
  • Business Service Center
  • Contact Us
Recent Quotes
View Full List
My Watchlist
Create Watchlist
Indicators
DJI
Nasdaq Composite
SPX
Gold
Crude Oil
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

JFrog-Sponsored IDC Study Shows Growing Developer Focus on Software Security, Impacting Companies’ Competitive Advantage

By: JFrog Ltd. via Business Wire
October 09, 2024 at 09:15 AM EDT
ⓘ This article is third-party content and does not represent the views of this site. We make no guarantees regarding its accuracy or completeness.

Titled the "Hidden Costs of DevSecOps," the IDC InfoBrief Reveals Companies Spend an Average of $28K Per Developer Annually on Identifying, Evaluating, and Addressing Software Security Concerns

JFrog Ltd. (“JFrog”) (Nasdaq: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform, released the findings of an IDC survey indicating developers are spending significantly more time and companies are spending $28K per developer yearly on security-related tasks such as manual application scan reviews, context switching, and secrets detection, among other items. The IDC InfoBrief, “The Hidden Cost of DevSecOps: A Developer’s Time Assessment,” sponsored by JFrog, showed 50% of senior developers, team leaders, product owners and development managers experienced a significant increase in the number of hours spent weekly on software security-related tasks, detracting from their ability to innovate, build, and deliver new business applications,

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241009432650/en/

New IDC InfoBrief Shows Growing Developer Focus on Software Security, Impacting Companies’ Competitive Advantage (Graphic: Business Wire)

New IDC InfoBrief Shows Growing Developer Focus on Software Security, Impacting Companies’ Competitive Advantage (Graphic: Business Wire)

"Securing the software supply chain already poses significant challenges for organizations, but it becomes more complex when multiple tools are used, forcing developers to toggle between multiple environments, leading to inefficiencies, wasted time, and increased risk,” said Asaf Karas, CTO of JFrog Security. “IDC’s survey creates a compelling case for companies to invest in streamlined security processes, tooling and training, to empower their developers to be more efficient and effective in protecting the software supply chain.”

Half of survey respondents said they spend an estimated 19% of their weekly hours on security-related tasks, oftentimes outside normal working hours, which could lead to a reactive approach to security rather than a proactive one. Other key findings from the IDC survey include:

  • Chasing Ghosts: Eliminating False Positives: Developers spend 3.5 hours on average manually reviewing security scanning findings because of false positives and duplicates.
  • Context Matters: 69% of developers agree or strongly agree that their security-related responsibilities require them to frequently switch contexts between various tools, slowing efficiency. Multitool context switching can also increase token usage for bypassing reauthentication per platform. Tokens can be helpful in application development but can also be quickly forgotten and leave backdoors in companies’ systems for attacks.
  • Secrets are No Fun: Developers devote 50% of their time to understanding and interpreting secrets scanning results, making changes to code to remediate findings, and updating secrets management measures.
  • Infrastructure Investigation: Infrastructure-as-Code (IaC) – used to automate the provisioning and management of IT infrastructure, such as servers, networking, operating systems, and storage – must be scanned every time code changes, with more than 54% of developers saying they run IaC scans weekly or monthly.
  • SAST Isn’t a Blast: Despite static application security testing (SAST) tools being integrated to local development environments to provide findings as developers code, only 23% of developers are running SAST scans before deploying code into production, leaving a huge gap for malicious code to slip through.

"DevSecOps is not just a business imperative; it is the cornerstone of building the secure applications of the future. However, a significant challenge lies in overcoming inefficient, poorly implemented tools that squander developers’ time and inflate costs,” said Katie Norton, Research Manager, DevSecOps and Software Supply Chain Security at IDC. “To be successful, IT and software development team leaders must automate repetitive and time-consuming tasks, ensure DevSecOps tools deliver accuracy with minimal false positives, and provide ongoing access for developers to application security education and resources so they can keep pace with a rapidly increasing threat landscape."

The IDC InfoBrief surveyed senior developers, team leaders, product owners and development managers from companies in 20+ industries with 1K+ employees across the U.S., UK, France and Germany. For more insights from the IDC InfoBrief, "The Hidden Cost of DevSecOps: A Developer’s Time Assessment," (IDC #US52537524, September 2024) download the report.

Like this story? Tweet this: New @IDC survey finds that developers severely underestimate the time they spend performing #DevSecOps tasks, leading to hidden costs for their organizations. Read the full report: https://bit.ly/4feUtjl #DevOps #security #MLOps #softwaresupplychain

About JFrog

JFrog Ltd. (Nasdaq: FROG), is on a mission to create a world of software delivered without friction from developer to device. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform is a single system of record that powers organizations to build, manage, and distribute software quickly and securely, ensuring it is available, traceable, and tamper-proof. The integrated security features also help identify, protect, and remediate against threats and vulnerabilities. JFrog’s hybrid, universal, multi-cloud platform is available as both self-hosted and SaaS services across major cloud service providers. Millions of users and 7K+ customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation. Learn more at www.jfrog.com or follow us on X @JFrog.

View source version on businesswire.com: https://www.businesswire.com/news/home/20241009432650/en/

Contacts

Media Contact:

Siobhan Lyons, Sr. Manager, Global Communications, JFrog, siobhanL@jfrog.com

Investor Contact:

Jeff Schreiner, VP of Investor Relations, JFrog, jeffS@jfrog.com

Report this content

If you believe this article contains misleading, harmful, or spam content, please let us know.

Report this article

More News

View More
News headline image
Aritzia Shareholders Back Board as CEO Touts 35% Revenue Growth, U.S. Expansion ↗
Today 1:01 EDT
Via MarketBeat
Topics World Trade
Tickers TSX:ATZ
News headline image
Zapata Quantum Bets Software, AI Partnerships Will Unlock Quantum Computing Value ↗
Today 0:02 EDT
Via MarketBeat
Topics Artificial Intelligence
Tickers IBM ZPTA
News headline image
Contango ORE Drops Gold Hedges to Boost Upside as Manh Choh Output Ramps ↗
July 12, 2026
Via MarketBeat
Tickers CTGO
News headline image
Zeta Global Eyes AI Infrastructure Shift as Palantir Integration Nears ↗
July 12, 2026
Via MarketBeat
Topics Artificial Intelligence
Tickers PLTR SNOW ZETA
News headline image
Whitestone REIT Shareholders Approve AREG Merger, Reject Executive Pay Plan ↗
July 12, 2026
Via MarketBeat
Topics Regulatory Compliance
Tickers WSR

Recent Quotes

View More
Symbol Price Change (%)
AMZN  245.34
-1.70 (-0.69%)
AAPL  315.32
-0.90 (-0.28%)
AMD  557.89
+11.17 (2.04%)
BAC  59.67
+0.42 (0.71%)
GOOG  355.03
-1.21 (-0.34%)
META  669.21
+37.73 (5.97%)
MSFT  385.10
+0.74 (0.19%)
NVDA  210.96
+8.18 (4.03%)
ORCL  140.64
-3.08 (-2.14%)
TSLA  407.76
+1.21 (0.30%)
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the Privacy Policy and Terms Of Service.
© 2025 FinancialContent. All rights reserved.

Having difficulty making your payments? We're here to help! Call 1-800-255-5897

Copyright © 2019 Franklin Credit Management Corporation
All Rights Reserved
Contact Us | Privacy Policy | Terms of Use | Sitemap