The report indicates a 67% increase in organizations performing software composition analysis, highlighting a significant trend towards enhanced software security practices. However, it also reveals a concerning decline in basic security training, down to a historic low of 51.2%.
Mike Lyman emphasized the need for organizations to adapt their DevSecOps practices in light of the increasing reliance on AI coding tools, as this could exponentially increase the amount of code that needs to be reviewed, potentially introducing more vulnerabilities.
Lyman mentioned that while reliance on AI coding tools is growing, many are trained on low-quality code samples, raising the risk of inadvertently generating vulnerabilities, making it essential for guardrails using AI models to mitigate this risk.
The report shows a 30% rise in organizations collaborating with research groups to explore new attack methods, indicating a positive shift towards proactive security measures amid rapid advancements in AI applications.
#devsecops #software-security #ai-coding-tools #software-composition-analysis #cybersecurity-training
Collection
[
|
...
]