"The report comes as AI is starting to have an impact on coding and development, with 84% of developers surveyed by Stack Overflow over the summer saying they've used the technology in the last year or plan to imminently, even though trust in the end product remains an issue. Indeed, a survey of security leaders last year found that the vast majority - some 92% of those polled - were concerned that AI-generated code could cause a security incident in their organization."
"The Black Duck research found nearly 60% of those polled are deploying code every day - if not more frequently - but security is getting in the way of that AI-accelerated speed. That's because 46% of those asked still rely on manual processes with security, with 81% of professionals saying that application security slows down the development process - and that can lead to security debt, with security problems left piling up unaddressed."
"The report noted that companies have successfully built "high-velocity development pipelines," thanks to AI as well as other coding tools, but automation of security lags behind. "This automation gap means many businesses are simply unaware of their vulnerabilities, with 61.64% of organizations testing less than 60% of their own applications," the report noted. "The result is that you're accumulating a massive security debt with every single release.""
AI and coding tools have enabled high-velocity development pipelines and near-daily deployments for many organizations. Security practices and automation have not kept pace, leaving nearly half of teams reliant on manual security processes and causing application security testing to slow development. A large share of organizations test fewer than 60% of their applications, producing accumulating security debt as releases proceed. Concerns about AI-generated code causing incidents are widespread, and developers prioritize better integration of security into development workflows to reconcile speed with risk reduction.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]