The founder of Profiskop LLC (CodeScoring) Alexey Smirnov called the beginning

[tanjimajuha20]

In addition, the Central Bank also proposes to use safe development technologies, which are still at the recommendation level. However, Denis Korablyov did not rule out that their use will be mandatory for the financial sector. Such intentions were voiced by representatives of the financial regulator even before the pandemic.

of the DevSecOps implementation spain cell phone number list project the most difficult phase. Therefore, in his opinion, in order to develop the market, it is necessary to build an exchange of best practices. This is what forms the market.

Over the current year, the DevSecOps market in Russia has significantly changed. This is due to the departure of foreign vendors that dominated it. Thus, of the five vendors that, according to a study by the Center for Strategic Research, occupied a leading role in the technological segment of application protection, which includes DevSecOps tools and DDoS protection tools, three - IBM, MicroFocus and F5 - were international companies. Another challenge was the outflow of personnel, however, according to Evgeny Todyshev, this problem is greatly exaggerated.

But in general, the personnel problem, according to the participants of the discussion, is quite acute. The level of salaries for specialists is also quite high. For example, a DevSecOps engineer with about a year of experience from the region, as noted by Evgeny Todyshev with reference to the experience of his company, can well count on 100 thousand rubles per month. At the same time, the representative of the UCSB drew attention to the need to build connections with universities, primarily to improve the quality of personnel training, which still leaves much to be desired. According to Denis Korablyov, an experienced specialist in the field of application security can count on 250 thousand rubles. In his opinion, the best such specialists are obtained from retrained developers.

At the same time, Russian developers have a chance to get ahead. According to the participants of the discussion, the main problem in the DevSecOps tools market is its fragmentation. None of the international vendors offers the entire product line, and Russian developers have a chance to offer a complete ecosystem for secure application development. According to Anna Arkhipova, orchestration between different DevSecOps tools is also a popular task.

In the near future, the use of DevSecOps according to the service model will become more widespread, according to the participants of the discussion. Ilya Polyakov, Head of the Code Analysis Department of AT Group LLC (Angara Security), called this approach the most adequate way to solve the personnel problem, especially for small companies.