In the world of technological innovation, while artificial intelligence (AI) has found a foothold in enhancing security measures, its integration into coding practices appears to be withheld, according to recent survey results.

Employ AI for security purposes, not coding

A study by Jay frog Techradar reveals a striking contrast: While nine in 10 companies employ artificial intelligence and machine learning (ML) to enhance security scanning and remediation efforts, only one-third (about 32%) use it in their coding processes Artificial Intelligence/Machine Learning Technology report.

This hesitation underscores a cautious approach to AI implementation during development, stemming from concerns that AI-generated code could introduce potential vulnerabilities into enterprise software.

Also read: How tech-savvy Indian consumers are creating superstars in the consumer tech market

Reflecting on the dynamic landscape of software security, Yoav Landman, chief technology officer at JFrog, said: “DevSecOps teams around the world are navigating a fluid territory in software security, and in an era of rapid AI adoption, innovation often meets demand.”

While the focus on security remains steadfast, the study exposes disagreements about the optimal timing of security scans. About 42% advocated scanning during the code writing process, while almost the same proportion (41%) recommended pre-deployment scanning when merging new packages from open source repositories.

There are also concerns about the impact of security protocols on productivity, with nearly two-fifths of participants reporting that it takes up to a week to authorize new packages/libraries for use.

Additionally, the report highlights concerns over the interpretation of Critical Vulnerability Severity Scores (CVSS), with a whopping 74% of high or critical CVSS scores considered inappropriate for common scenarios despite the significant time invested by 60% of security and development teams. Address vulnerabilities.

Also read: Meta Platforms, Microsoft, X corp unite against Apple’s App Store plans

Shachar Menashe, senior director of security research at JFrog, emphasized the importance of strategic resource allocation, saying: “Knowing where to place these tools, leveraging team time and streamlining the process is critical to ensuring SDLC security.”

In an era of escalating cyber threats, making informed decisions and strategically allocating resources is imperative. Fortunately, amidst the rising threats, the report suggests that the severity of the threats may not escalate to the same extent, bringing a ray of optimism amidst the security challenges.

And one more thing! We can now use WhatsApp channels! Follow us so you don’t miss any updates from the world of technology. ‎To follow the HT Tech channel on WhatsApp, click here Join now!