9 out of 10 companies embracing AI for security purposes but not for coding, reveals study
In the realm of technological innovation, while artificial intelligence (AI) finds its footing in bolstering security measures, its integration into coding practices appears to be met with reservation, according to recent findings.
AI adoption for security purposes, not coding
A study conducted by JFrog illuminates a notable contrast: while an overwhelming nine out of ten companies embrace AI and machine learning (ML) to fortify security scanning and remediation endeavours, merely a third, approximately 32 percent, employ AI/ML technologies in their coding processes, Techradar reported.
This hesitance underscores a prudent approach towards AI implementation in development, stemming from apprehensions surrounding potential vulnerabilities that AI-generated code might introduce into enterprise software.
Also read: How Indian tech savvy consumers are creating superstars in the consumer tech market
Yoav Landman, CTO of JFrog, reflects on the dynamic landscape of software security, stating, “DevSecOps teams worldwide are navigating a volatile field of software security, where innovation frequently meets demand in an age of rapid AI adoption.”
While the emphasis on security remains steadfast, the study exposes a divergence concerning the optimal timing for security scans. Approximately 42% advocate for scanning during code composition, while an almost equal proportion, 41%, suggest pre-deployment scans upon incorporating new software packages from open-source repositories.
Moreover, concerns arise regarding the impact of security protocols on productivity, with nearly two in five participants reporting that authorization for new package/library usage consumes up to one week.
Additionally, the report underscores apprehensions regarding the interpretation of Critical Vulnerability Severity Scores (CVSS), with a staggering 74 percent of high or critical CVSS scores deemed inappropriate in common scenarios, despite 60 percent of security and development teams dedicating a significant portion of their time to addressing vulnerabilities.
Also read: Meta Platforms, Microsoft, X corp band together against Apple’s app store plans
Shachar Menashe, Senior Director of JFrog Security Research, emphasizes the importance of strategic resource allocation, stating, “Knowing where to put those tools, use their team’s time, and streamline processes is critical to keeping their SDLC secure.”
In an era marked by escalating cyber threats, making informed decisions and allocating resources strategically are imperative. Fortunately, amidst the rising threat landscape, the report suggests that the severity of threats may not escalate to the same degree, offering a glimmer of optimism amid security challenges.
One more thing! We are now on WhatsApp Channels! Follow us there so you never miss any update from the world of technology. To follow the HT Tech channel on WhatsApp, click here to join now!
In the realm of technological innovation, while artificial intelligence (AI) finds its footing in bolstering security measures, its integration into coding practices appears to be met with reservation, according to recent findings.
AI adoption for security purposes, not coding
A study conducted by JFrog illuminates a notable contrast: while an overwhelming nine out of ten companies embrace AI and machine learning (ML) to fortify security scanning and remediation endeavours, merely a third, approximately 32 percent, employ AI/ML technologies in their coding processes, Techradar reported.
This hesitance underscores a prudent approach towards AI implementation in development, stemming from apprehensions surrounding potential vulnerabilities that AI-generated code might introduce into enterprise software.
Also read: How Indian tech savvy consumers are creating superstars in the consumer tech market
Yoav Landman, CTO of JFrog, reflects on the dynamic landscape of software security, stating, “DevSecOps teams worldwide are navigating a volatile field of software security, where innovation frequently meets demand in an age of rapid AI adoption.”
While the emphasis on security remains steadfast, the study exposes a divergence concerning the optimal timing for security scans. Approximately 42% advocate for scanning during code composition, while an almost equal proportion, 41%, suggest pre-deployment scans upon incorporating new software packages from open-source repositories.
Moreover, concerns arise regarding the impact of security protocols on productivity, with nearly two in five participants reporting that authorization for new package/library usage consumes up to one week.
Additionally, the report underscores apprehensions regarding the interpretation of Critical Vulnerability Severity Scores (CVSS), with a staggering 74 percent of high or critical CVSS scores deemed inappropriate in common scenarios, despite 60 percent of security and development teams dedicating a significant portion of their time to addressing vulnerabilities.
Also read: Meta Platforms, Microsoft, X corp band together against Apple’s app store plans
Shachar Menashe, Senior Director of JFrog Security Research, emphasizes the importance of strategic resource allocation, stating, “Knowing where to put those tools, use their team’s time, and streamline processes is critical to keeping their SDLC secure.”
In an era marked by escalating cyber threats, making informed decisions and allocating resources strategically are imperative. Fortunately, amidst the rising threat landscape, the report suggests that the severity of threats may not escalate to the same degree, offering a glimmer of optimism amid security challenges.
One more thing! We are now on WhatsApp Channels! Follow us there so you never miss any update from the world of technology. To follow the HT Tech channel on WhatsApp, click here to join now!
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.