Use of AI in DevSecOps surging among businesses

GitLab research has revealed that use of AI to check code and deploy testing bots in DevSecOps has increased by over 10 per cent since last year

According to the study from DevSecOps platform GitLab, almost two-thirds (65 per cent) of developers surveyed said that they are using AI or ML in testing efforts, or plan to do so in the next three years.

While 62 per cent of developers utilising AL/ML use the technology to check code for any vulnerabilities (up from 51 per cent in 2022), the proportion of this group deploying it for testing through bots increased from 39 per cent to 53 per cent.

Security was found to be an ever-present priority for DevSecOps teams, with shared responsibility being a common focus — 38 per cent of security professionals reported being part of a cross-functional team focused on security, up from 29 per cent in 2022.

Meanwhile, 71 per cent of security staff said that a quarter or more of all security vulnerabilities are being captured by developers (up 53 per cent year-on-year), and 85 per cent reported having the same or less budget than 2022 — highlighting an urgent need to do more with less.

Along with tighter budgets, management of DevOps tools has also proved a challenge for developers, with 66 per cent wanting to consolidate toolchains this year to dedicate more time towards critical tasks like compliance checks.

“Organisations globally are seeking out ways to do more with less. This means that efficiency and security cannot be mutually exclusive when identifying opportunities to remain competitive,” said David DeSanto, chief product officer at GitLab.

“GitLab’s research shows that DevSecOps tools and methodologies allow leadership to better secure and consolidate their disparate, fragmented toolchains and reduce spend, while also freeing up development teams to spend time on mission-critical responsibilities and innovative solutions.”

5,010 DevOps and security professionals worldwide were surveyed by GitLab for its DevSecOps Report.


Establishing a strong DevOps pipelineHaving a strong DevOps pipeline is increasingly important for business creating software inhouse. What can CTOs do to ensure a steady flow?

DevOps vs Agile: distinguishing and combining the twoAgile development means fast, practical delivery of software while DevOps handles its practical rollout to users. Put together, they’re both sides of the same coin.

Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.