Joel Krooswyk, federal chief technology officer at GitLab (Nasdaq: GTLB), said the rapid adoption of artificial intelligence has opened up the opportunity for developers to transition to AI-assisted DevSecOps workflows.
“By automating and optimizing DevSecOps workflows, we can still shift security left while relieving developers from the burden of some complex remediation,” Krooswyk wrote in an article published on Carahsoft.com.
“It begins with a workflow that leverages fully automated security scanning to rapidly identify vulnerabilities as well as providing suggested remediation for vulnerabilities and on-demand remediation training to educate developers on what they are getting into,” he added.
Krooswyk noted that organizations have expanded the use of AI capabilities across the software development life cycle and cited the potential integration of AI into the remediation process.
He discussed the importance of training AI models using the right datasets while protecting data privacy and highlighted the need for generative AI to be grounded in security, transparency and privacy.
“Secure, AI-powered features are dependent on the data and the environment in which they exist. Furthermore, because the technology supports the entire software development life cycle, it’s not just a matter of training AI on data, but appropriately applying AI at each stage of software development,” Krooswyk explained.