The first half of 2025 has been marked by a sharp increase in outages and security threats across major DevOps platforms, as detailed in GitProtect.io’s mid-year report, The DevOps Threats Unwrapped: Mid-Year Report 2025. Between January and June, 330 incidents disrupted the performance and availability of essential software development tools, impacting billions of developers and organizations worldwide.

Azure DevOps: Prolonged disruptions

Azure DevOps reported 74 unique incidents during the first half of 2025, with Europe being the most affected region, accounting for 34% of these disruptions. Notably, January saw the longest performance degradation for the platform, lasting 159 hours and severely hindering users’ ability to build and deploy software.

Various Azure DevOps components experienced recurring service issues, including Pipelines with 31 disruptions, Boards and Test Plans at 28 each, and Repos with 27 incidents. Other components such as Core Services and Artifacts also faced multiple outages. In contrast, regions such as India and Australia reported minimal impact, together accounting for only 4% of the total incidents.

GitHub incidents surge

GitHub saw a 58% increase in reported incidents compared to the same timeframe last year, rising from 69 in 2024 to 109 incidents in 2025’s first half. Among these, 17 incidents were classified as major, leading to over 100 hours of downtime. While May recorded the highest number of disruptions in a single month, April stood out for its cumulative downtime, which amounted to 330 hours and six minutes.

Most of GitHub’s incidents – 72% in total – were categorized as minor, but the growing trend underscores the platform’s increasing challenges in maintaining seamless operations.

GitLab: Hours lost and vulnerabilities exposed

GitLab experienced 59 service incidents in the first half of 2025, resulting in approximately 1,346 hours of disruption. These included partial outages, degraded performance, operational challenges, full-scale outages, and planned maintenance. The platform also addressed 65 vulnerabilities during this period, slightly fewer than the 70 recorded in the same timeframe last year.

Among the most concerning incidents was a data breach involving Europcar Mobility Group, during which attackers gained access to GitLab repositories. This allowed them to obtain source code and personal data of roughly 200,000 customers.

Jira: Maintenance woes and ransomware attacks

Atlassian’s Jira suite also faced significant challenges, recording 66 incidents in the first half of 2025 – a 24% increase from the previous year. These disruptions contributed to more than 2,390 cumulative hours of downtime, equivalent to nearly 100 days. A prolonged maintenance window from mid-March to late May exacerbated the disruptions, with users on the free tier in Singapore and Northern California experiencing outages of up to 120 minutes each.

Jira-specific breakdowns revealed Jira with 52 incidents, Jira Service Management with 46, Jira Work Management logging 24, and Jira Product Discovery with 11. Additionally, ransomware attacks by the HellCat group further escalated challenges. The group exploited stolen login credentials to infiltrate Jira environments, targeting high-profile organizations such as Telefónica, Orange Group, and Jaguar Land Rover.

Expert perspective on escalating risks

Industry experts emphasize the growing complexity of maintaining DevOps platforms amid rising incidents of outages and sophisticated cyberattacks. Greg Bak, Head of Product Enablement at GitProtect.io, commented on the findings: "We are witnessing a clear upward trend in outages and disruptions across DevOps platforms, but also in the frequency and sophistication of ransomware attacks and source code thefts, demonstrating that traditional perimeter security is no longer sufficient."

Bak stressed the need for organizations to adopt proactive measures to mitigate risks. "Anticipating failures before they happen, paired with self-healing infrastructure and recovery strategies that go beyond just technology, will redefine how organizations safeguard uptime, data integrity, and business continuity", he added.

Conclusion

The first half of 2025 highlights the mounting challenges faced by DevOps platforms, ranging from persistent service disruptions to increasingly sophisticated security breaches. With platforms like Azure DevOps, GitHub, GitLab, and Jira at the center of global software development, addressing these risks is critical to sustaining operational resilience and innovation. The findings from GitProtect.io’s report serve as a stark reminder of the evolving threat landscape that organizations must navigate to safeguard their development processes and data integrity.

Read the source