A recent survey of IT professionals and software developers, conducted by 451 Research, shows that the use of DevOps methodologies for application development and release has become widespread – at least among large enterprises.

Among companies that claim ‘full’ adoption of DevOps (i.e., DevOps is being used companywide), 69% have been deploying it for more than three years, and 29% have been using the methodology for more than five years.

IT organizations are deploying DevOps across a wide variety of application types, including:

  • Data processing, analytics and business intelligence (cited by 59% of the enterprises)
  • IT/infrastructure optimization (56%)
  • Customer-facing applications that enhance the experience/value of doing business with the organization (49%)
  • Specialized business process functions (45%)
  • Other internal line-of-business functions (12%)

On average, enterprises use DevOps for about half of their application development projects.

However, despite the benefits and widespread adoption of DevOps, hurdles remain. The success rate of DevOps applications is surprisingly low, as discussed in the last section of this report.


Report Highlights


DevOps Moves to the Cloud. On-premises private cloud and non-cloud infrastructure are still the most popular venues for DevOps, but momentum is shifting toward public cloud options. Microsoft, AWS and IBM are in the lead.

Security Pros are Key Stakeholders. Beyond developers and IT operations personnel, security professionals are becoming critical DevOps stakeholders at many enterprises.

Success Rates are Low. On average, only about half of all applications implemented using DevOps are successfully released into production.


Benefits Abound


IT professionals (including executives and application developers) cite a number of benefits from DevOps -- most of which relate to increased agility.

Benefits of DevOps

Although users still cite cost as the #1 barrier to increased adoption of DevOps, it’s interesting to note that ‘reduced network costs’ and ‘decreased costs of deployment’ are among the top benefits of DevOps.

Other benefits are ultimately about improved cultural synergies. In addition to the obvious benefit of better aligning business/IT priorities and objectives, DevOps fosters cross-discipline synergy (e.g., between the application development, IT operations and security teams).

At the same time, DevOps creates cultural challenges, including:

  • Overcoming resistance to change
  • Aligning differing priorities for developers, IT teams and other stakeholders
  • Promoting communication between teams not accustomed to working together
  • Sharing responsibilities for problems
  • Demonstrating equity of benefits/costs
  • Enabling collaboration by breaking down silos

Where to Perform DevOps


Organizations implement DevOps across a wide range of venues, with on-premises private clouds being the most common deployment environment today.

Environments of DevOps Implementation

Although on-premises non-cloud infrastructure is still a popular option for DevOps implementations, the momentum is toward public cloud alternatives.

In the context of DevOps, the most popular public cloud providers are Microsoft Azure (used by 25% of the survey participants), AWS and IBM Cloud (both of which were cited by 20% of the participants).

Rounding out the top seven were:

  • Google Cloud Platform (11%)
  • Oracle Cloud (11%)
  • SAP Cloud Platform (8%)
  • Salesforce.com (5%)

However, developers are not entirely happy with the cloud services they’re getting. Many point to a number of improvements to enhance their DevOps projects:

  • More extensive integration of data analytics
  • A DevSecOps culture
  • Increased support for AI and machine learning
  • Improved container management
  • Use of serverless architecture (aka functions as a service, or FaaS)
  • Support for IoT/edge computing



The impact of DevOps goes well beyond the people that are coding or using the applications.

Stakeholders in DevOps Implementations



At many organizations, security professionals are the primary stakeholders (beyond developers and IT operations personnel). This is because DevOps can impact – positively or negatively – a wide range of security capabilities.

Security capabilities that can be enhanced by DevOps include:

  • Software Composition Analysis (SCA) and open source analysis
  • Source code protection
  • Logging and analysis of security events
  • Vulnerability assessment
  • Dynamic/Interactive Security Testing (DAST/IAST)
  • Static Application Security Testing (SAST)

Most large enterprises have added tools for these functions to their DevOps workflows.

The criticality of security has given rise to the DevSecOps methodology and ‘Security as Code’ culture, which requires tight collaboration between software developers and security professionals. The goal is for security to ‘shift left’ (i.e., earlier in the development cycle), becoming an embedded part of the application development process.


Managed Services


The complexity of today’s DevOps environments has led many enterprises to seek help from third-party managed service providers. In the 451 Research survey, 61% of enterprises use managed services for DevOps.

Only 30% of the survey participants rely solely on internal staff for DevOps, while 40% rely primarily on internal staff but outsource some tasks to third parties. About 21% of the companies have an approximately even split between in-house and outsourced staff, and 9% rely mostly on third-party managed service providers with some support from internal staff.


Hurdles Remain


Despite widespread adoption, there are a variety of barriers to DevOps implementation, with cost and technical complexity topping the list.

Barriers to Deploying DevOps

Only 18% of the survey participants think that their existing (non-DevOps) processes and methodologies are sufficient, and a mere 6% believe that there are no barriers to DevOps adoption.

Given the barriers to adoption and the sheer complexity of some of the projects, it may come as no surprise that the success rate for DevOps application releases is low – very low.

Success Rate of DevOps Application Releases

On average, only about half of all DevOps applications make it into production!

In order to improve DevOps success rates, stakeholders are tasked with measuring – and proving – the business value. The top three metrics for doing this are:

  • Quality metrics (e.g., security vulnerabilities, defect rates, etc.)
  • Business-level metrics (e.g., customer satisfaction, user experience, traffic)
  • Application performance metrics (e.g., availability, latency, throughput)

Only by being able to demonstrate the business value of DevOps will stakeholders achieve the upper management buy-in needed to expand DevOps projects and deliver success.