Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with Derek Weeks, vice president at Sonatype, about the results of a new community survey the company just released on DevSecOps that provides some insights on how teams are incorporating automated security tools and how that shift affects company culture and developer happiness.

Sonotype’s Nexus open source governance platform helps more than 1,000 organizations and 10 million software developers simultaneously accelerate innovation and improve application security. This is the seventh year that Sonatype has done this DevSecOps report, and, according to the company, it’s the longest running community survey on this topic. We discuss with Weeks how the practice of DevSecOps changed since the company started doing the survey, and the challenges organizations face in embedding security within their DevOps practices. We also ponder the reasons behind the puzzling finding that those companies with mature DevSecOps actually have more security breaches.

TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and TNS publisher Alex Williams and TNS managing editor Joab Jackson.