DevSecOps Sector: Growth Drivers and Challenges
Growth Driver
-
Integration of AI & Machine learning bolstering DevSecOps efficiency: The rapid incorporation of AI and ML have been instrumental in DevSecOps practices have been instrumental in improving threat detection. For instance, GitLab, a leading DevSecOps platform provider, reported a 45.0% YoY revenue increase in Q1 Fy2024. The growth is connected with the integration of AI features into their platform. The growth is connected with the integration of AI features into their platform. Another successful use case is JFrog’s acquisition of Qwak in June 2024 to strengthen their DevSecOps offering and leverage the rising demand for security in AI model management.
- Adoption of DevSecOps practices among SMEs: In recent months, small and medium-sized businesses have stepped up as some of the most active adopters of DevSecOps, particularly to strengthen the security of their CI/CD pipelines. A March 2025 study published on arXiv surveyed over 400 professionals working at SMEs, and the results highlighted that about 65% said they had fully implemented DevSecOps practices, with strong emphasis on API security and software composition analysis. Cloud-based DevSecOps platforms are making it easier and more cost-effective for smaller firms to deploy robust solutions without the need for major infrastructure investments. This shift is creating fresh opportunities for platform vendors, who are now designing solutions tailored to the unique needs and budgets of SME clients.
Cybersecurity Initiatives in the Market
A key facet of the expansion of the global DevSecOps market is the heightened cybersecurity threats across the world. This creates greater opportunities for providers of DevSecOps platforms as security has become essential for every phase of the software development pipeline. The table below highlights significant cyberattacks and mitigation strategies, and DevSecOps platforms are expected to assist in the resolution strategies:
|
Company |
Attack Type |
Impact |
Mitigation Strategy |
|
Coinbase |
Insider Theft |
Customer data leaked; losses $180.3M–$400.7M; 7.0% stock drop |
Stricter access control, employee vetting |
|
Marks & Spencer |
Ransomware |
Service disruption; customer data stolen; 5.2% stock dip |
Endpoint protection, rapid response protocols |
|
Snowflake |
Credential Theft |
Data breach at 100+ clients incl. AT&T, Santander |
MFA enforcement, anomaly detection |
Challenges
- Legacy system compatibility: A major hurdle within the DevSecOps sector is the lack of seamless integration of legacy IT infrastructure with DevSecOps pipelines. To better identify the challenge, the U.S. NIST released a report in 2023 that more than 70% of the enterprises within the country cited incompatibility with legacy systems as a major constraint in the adoption of DevSecOps. In addition, the legacy systems tend to lack API support, creating additional hurdles in integration. These issues may dissuade SMEs from adopting DevSecOps platform as the development cycles can become slower due to integration challenges.
DevSecOps Market: Key Insights
|
Base Year |
2024 |
|
Forecast Year |
2025-2037 |
|
CAGR |
23.4% |
|
Base Year Market Size (2024) |
USD 5.1 billion |
|
Forecast Year Market Size (2037) |
USD 86.4 billion |
|
Regional Scope |
|
