Resources > Report 2026

The DevOps Threats Unwrapped

The threat landscape: from outages, secret leaks, to AI agents' lack of visibility

unwrapped report 2026

HOW IT AFFECTS YOU

With a rapid rise in critical DevOps incidents, the escalating scale is directly impacting users through increased instability and risk.

69%

growth of the number of incidents over the year

150+

events with a critical and major impact on services

1700+

hours of various levels of disruption

Data source: Incident data compiled from official status pages of GitHub, GitLab, Azure DevOps, and Atlassian/Jira covering the period January-December 2025. Incident classifications and severity levels as reported by the respective vendors.

COVERED TOPICS

  • Get report AI in DevOps: growing security gap

    AI in DevOps: growing security gap

    Secure AI DevOps by defaulting to zero trust, human oversight, and strict access controls.

  • Get report Supply chain risks: need for a new strategy

    Supply chain risks: need for a new strategy

    Protect the supply chain with least-privilege tokens and strict verification protocols.

  • Get report Secret leaks, tokens and identity risks

    Secret leaks, tokens and identity risks

    Stop leaks: enforce least privilege, rotate credentials, and adopt phishing-resistant MFA.

  • Get report DevOps outages and reliability incidents

    DevOps outages and reliability incidents

    Build resilient DevOps with multi-service redundancy and a clear incident response plan.

  • Get report Critical flaws: security patches take priority

    Critical flaws: security patches take priority

    Stay ahead of exploits: monitor platform updates and prioritize high-severity patching.

  • Get report Phishing and social engineering

    Phishing and social engineering

    Secure identities with behavior-based detection and mandatory app consent approvals.

Our expert insight

Daria Kulikova

Daria Kulikova

Head of GitProtect Lab

For the third year in a row, here at GitProtect, we have been analyzing the threats that DevOps face on a daily basis. Malware and ransomware attacks, outages, and infrastructure downtime - all of that can lead to data loss as well as higher financial costs. Thus, analyzing threats of the previous year can give us a better picture of what to expect in the upcoming year and what security measures to take to foresee them.

Daria Kulikova

Head of GitProtect Lab

Welcome to our very special project. As we monitor the communities daily - we thought why not share our findings with other DevOps specialists?

That's how the DevSecOps X-Ray newsletter was born and today we are thrilled that you decided to join our mailing list. See you in the next issue!

GitProtect Team

It looks like we have some technical issues right now. Give us a few minutes and then try again.

GitProtect Team

It looks like we have some technical issues right now. Give us a few minutes and then try again.

GitProtect Team