LEARN

State of DevOps in 2023: The Complete Report Roundup

Stephen Watts By Stephen Watts January 22, 2023

DevOps has never been more popular than it is today. Since first popularized over 15 years ago by Patrick Debois and Gene Kim, DevOps has become the standard approach for managing IT in all forms: operations, software development and, increasingly, security.  In this article, we’ll look at key trends and data that paint a picture of the State of DevOps today.

(Check out our DevOps introduction, DevOps team roles and DevOps conference and event roundup.) 


State of DevOps in search today

One of the best indicators of the popularity — both growth and decline — of a topic is to carefully examine search trends. Google Trends and Google Ads Keyword Planner are perhaps the two best tools for understanding how topics are doing in search.

Looking first at Google Trends, we can see that there has been continued growth over the years for the topic. We also note that the topic has never been more popular than in recent months. Google Trends displays relative search interest, with a value of 100 representing peak popularity. Thus, no matter the dates selected there will always be a data point at the highest value.


Google Ads Keyword Planner provides a more nuanced look at search trends, although with a more limited date range. While Google Trends can go back all the way to 2004, Keyword Planner can show only a couple of years’ worth of data.

With this tool, we can see a clear and significant growth in worldwide searches for the phrase “devops” between 2018 and 2022, with total monthly search volume nearly doubling and approaching 600k monthly searches.  This makes “devops” one of the top most searched for phrases in the entire IT industry.

While some pundits have claimed “DevOps is Dead”, the truth is that the practice is more engrained than ever before and continues to grow in popularity. Based on past trends, we should expect continued growth in searches for DevOps and related concepts in the coming years.

Google DORA’s Accerelerate State of DevOps Report

The industry publishes a variety of State of DevOps reports every year. Arguably, the most important to is the DORA/Google State of DevOps Report. From 2014-2017, DORA partnered with Puppet on a joint State of DevOps report. In 2018, Google acquired DORA and the new Google/DORA State of DevOps report became independent from Puppet (and we’ll cover that one below). Today, the DORA team is responsible for DevOps Research and Assessment — hence the acronym.

The most recent version of the Google/DORA report, published in September 2022. With the exponential increase in data breaches, both attacks and inadvertent ones, more than 22 billion records have been exposed recently (yep, your data is probably part of it). So, Google being Google, in order to help keep customers and businesses data safe, they made security front and center in this year’s edition.

(Read about DevSecOps, bringing security into the DevOps approach.)

The research leveraged two frameworks, the Supply-Chain Levels for Secure Artifacts (SLSA) framework alongside NIST’s Secure Software Development Framework (SSDF), in order to get a picture of technical and non-technical angles of organizational software development. With some questions focused on software supply chain security, the team learned a few things:

  • “Surprisingly broad adoption” of newer and emerging security concepts of practices. In fact, a majority of respondents reported at minimum some level of adoption of every practice the DORA team asked about, from centralized CI/CD and isolation to no-edit users and two-person review. Still, some were more established than others, with room for growth.
  • Culture plays a bigger role than skills alone. In fact, the biggest predictor of an organization’s software security practice was its lack of blame. Put another way, high-trust, low-blame cultures (per Westrum) focused on performance were much, much more likely to adopt new security practices — versus their counterparts in high-blame cultures that point fingers and lack trust. 

It is interesting that such new concepts were reportedly so widely adopted — you might have a healthy skepticism. Perhaps its as simple as response bias.

Compare this to the 2021 report, which surveyed more thousands of professionals worldwide. This report focuses on practices and capabilities that drive software delivery excellence, which enables technology transformation and organizational performance. Major takeaways from this survey include:

  • The concepts of SRE and DevOps work in tandem — and are better together. (Learn more about the SRE roles & Responsibilities).
  • Teams are continuing to migrate workloads to the cloud, and those that fully leverage the cloud see increases in software delivery, operational performance and, impressively, organizational performance.
  • Integrating security practices into the software supply chain improves safety and reliability.
  • Strong documentation is a fundamental practice for successful DevOps implementations. Teams with high quality and maintained documentation perform better than those with poor documentation practices.
  • Team culture mitigates burnout. Inclusive, positive, happy teams help the individuals that are part of those teams.

(Start with these DORA/DevOps metrics.)

Puppet’s 2023 State of DevOps pivots to Platform Engineering

Puppet has been publishing an annual State of DevOps report for more than a decade, with their first survey launched in 2012. If you were looking for more on DevOps from Puppet in 2023, though, you might be surprised: they pivoted to focusing on Platform Engineering. Why the change? Puppet sees that platform engineering is the so-called “DevOps Differentiator”. As they put it:

"...we’ve reported on DevOps as it has emerged from a grassroots, practitioner-led trend into a massive movement of adopters, experts, vendors, and consultants. In our 11th edition of the State of DevOps Report, we’re excited to share our findings that link organizations making strong progress within DevOps to their platform engineering approach."

In previous years, Puppet highlighted common DevOps blockers, like maturing in time, using cloud and automation intentionally and how various teams support the overall acceptance of DevOps. In this 2023 report, Puppet says clearly that platform engineering is “a proven approach” for unlocking and scaling DevOps success. So it makes sense that they pivoted  —  most organizations still struggle to make DevOps a success. 

Here are some findings from the report:

  • How and why platform engineering is on the up + up
  • The DevOps/platform engineering relationship, including that 94% of respondents agree that platform engineering helps organizations realize DevOps benefits, with almost half of those folks agreeing it is a “big step in the right direction”.
  • Organizations are not investing sufficiently in product management skills, especially on platform teams

Defining platform engineering

So, exactly what does Puppet mean by platform engineering? They define it as the discipline of building self-service capabilities in order to minimize developers’ cognitive load and enable quicker software delivery. The output of platform teams is a shared infrastructure platform for internal users — one that relies on a product mindset.

We do like that inside the 2023 report, Puppet clearly defines their outlook: “Platform Engineering Not New and DevOps is Not Dead”. In their view, DevOps has improved many, many areas of how enterprises look at software development, delivery and maintenance. Like DevOps pulls from movements including Agile, Lean and Kaizen (The Toyota Way), we can also add platform engineering as a supporting methodology. As DevOps co-founder Patrick Debois has said,

“DevOps is whatever you do to bridge friction created by silos, and all the rest is engineering.”

The DevOps Institute’s Upskilling IT Report

For several years running, the DevOps Institute has been releasing an annual report focused on Enterprise DevOps Skills. In the latest iteration of this report, titled Upskilling IT, the DevOps Institute surveyed more than 2400 professionals from 120 countries creating not just one report, but four reports (!!), covering the global outlook plus deep-dives into the Americas, EMEA and APAC regions.

We’ll let you dive into the report that is most relevant to your team, but overall, here are some takeaways:

  • No matter your location, you’re probably working with insufficient IT resources and skills.
  • You can’t address technical debt without acknowledging the talent debt. (Our hunch is this means a lot more hands-on education and experience is necessary.)
  • Both organizations and individuals alike see upskilling as a must, not as an added bonus.

Now see how much this compares with the results from the single 2021 report:

  • Significant growth in the number of organizations that have a formal upskilling (training) program, with more than half of participants now reporting that their organization has such a program.
  • Lack of necessary IT resources skills is a major challenge globally. Nearly half of respondents indicated that the resource and skill shortage is one of their top 3 challenges.
  • Talent Debt must be addressed while dealing with technical debt. Technology fixes without human skills doesn’t advance innovation and transformation.
  • Continuous learning for leaders and individual contributors is necessary  for organizations to remain competitive.
  • DevOps and Agile are the two most important processes and frameworks for IT organizations, followed by ITSM/ITIL, Design Thinking, and Value Stream Management.

57% of survey participants indicated that IT process and framework skills are the most valuable capabilities for individuals. DevOps/DevSecOps are thought to be both the most important framework skills for today and for the future. Among technical skills, the most important are, in order:

  1. Security
  2. Cloud platforms
  3. Container orchestration
  4. Architecture
  5. Application technologies

Ultimately, for both individual contributes and team leaders, its most important that all employees continue to learn and grow through their careers in leadership skills like diplomacy and trust-building, as well as technical skills.

Wrapping up DevOps

DevOps is here to stay. While adopting technologies like cloud, containers, and automation can be critical to success, surveys show that DevOps success is most dependent on:

  • Breaking down organizational silos
  • Continuous improvement, both in processes and skills/training
  • Positive, inclusive teams

(See how Splunk supports the entire DevOps lifecycle.)

What is Splunk?

This article is my own and does not necessarily represent Splunk's position, strategies or opinion.

RELATED POSTS
Vulnerability Management: The Beginner's Guide DevOps Release Management Best Practices Comparing Monitoring vs. Observability: A Spectrum To Full Scale Visibility Data Quality Explained: Why Quality Is Critical to Using Your Data How To Choose Cybersecurity Frameworks For Your Organization Data Pipelines: How Data Pipelines Work & How To Get Started Cyber Hygiene: Concepts and Best Practices for Cybersecurity Data Normalization Explained: How To Normalize Data CTI: The Cyber Threat Intelligence Guide Data Encryption Methods & Types: Beginner’s Guide To Encryption
Stephen Watts
Posted by

Stephen Watts

Stephen Watts works in growth marketing at Splunk. Stephen holds a degree in Philosophy from Auburn University and is an MSIS candidate at UC Denver. He contributes to a variety of publications including CIO.com, Search Engine Journal, ITSM.Tools, IT Chronicles, DZone, and CompTIA.