9 out of 10 companies embracing AI for security purposes but not for coding, reveals study
Many companies are hesitant to use AI for coding despite its widespread adoption in security measures, as revealed by a recent study from JFrog.
In the realm of technological innovation, while artificial intelligence (AI) finds its footing in bolstering security measures, its integration into coding practices appears to be met with reservation, according to recent findings.
AI adoption for security purposes, not coding
A study conducted by JFrog illuminates a notable contrast: while an overwhelming nine out of ten companies embrace AI and machine learning (ML) to fortify security scanning and remediation endeavours, merely a third, approximately 32 percent, employ AI/ML technologies in their coding processes, Techradar reported.
This hesitance underscores a prudent approach towards AI implementation in development, stemming from apprehensions surrounding potential vulnerabilities that AI-generated code might introduce into enterprise software.
Also read: How Indian tech savvy consumers are creating superstars in the consumer tech market
Yoav Landman, CTO of JFrog, reflects on the dynamic landscape of software security, stating, “DevSecOps teams worldwide are navigating a volatile field of software security, where innovation frequently meets demand in an age of rapid AI adoption."
While the emphasis on security remains steadfast, the study exposes a divergence concerning the optimal timing for security scans. Approximately 42% advocate for scanning during code composition, while an almost equal proportion, 41%, suggest pre-deployment scans upon incorporating new software packages from open-source repositories.
Moreover, concerns arise regarding the impact of security protocols on productivity, with nearly two in five participants reporting that authorization for new package/library usage consumes up to one week.
Additionally, the report underscores apprehensions regarding the interpretation of Critical Vulnerability Severity Scores (CVSS), with a staggering 74 percent of high or critical CVSS scores deemed inappropriate in common scenarios, despite 60 percent of security and development teams dedicating a significant portion of their time to addressing vulnerabilities.
Also read: Meta Platforms, Microsoft, X corp band together against Apple's app store plans
Shachar Menashe, Senior Director of JFrog Security Research, emphasizes the importance of strategic resource allocation, stating, “Knowing where to put those tools, use their team's time, and streamline processes is critical to keeping their SDLC secure.”
In an era marked by escalating cyber threats, making informed decisions and allocating resources strategically are imperative. Fortunately, amidst the rising threat landscape, the report suggests that the severity of threats may not escalate to the same degree, offering a glimmer of optimism amid security challenges.
One more thing! We are now on WhatsApp Channels! Follow us there so you never miss any update from the world of technology. To follow the HT Tech channel on WhatsApp, click here to join now!
Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.