Digital.ai has committed to adding generative artificial intelligence (AI) and additional machine learning capabilities to its namesake platform for managing DevSecOps workflows.
The company plans to make available in alpha a generative AI tool to create test cases and user stories via large language model (LLMs) access via a natural language interface. In addition, generative AI will also be used to identify high-risk changes to code and improve the overall governance of DevSecOps workflows.
At the same time, Digital.ai has extended the machine learning algorithms it already provides to provide predictions and scoring. Additional capabilities include flow acceleration recommendations, change risk predictions and service management process optimizations.
Digital.ai CEO Derek Holt said as AI continues to evolve, the company will use a mix of public and private LLM platforms to ingest AI into DevSecOps workflows. In effect, the future of AI will almost be multimodal as different classes of AI technologies are used to automate workflows, he added.
The goal is to safely break down the silos of data that today make it difficult to cost-effectively build and deploy secure software without compromising the rate at which it is developed, noted Holt.
It’s still early days as far as the infusion of AI in workflows is concerned, but it’s apparent that many of the manual tasks that prevent organizations from fully embracing best DevSecOps practices will be automated.
At the same time, increased reliance on digital processes, coupled with more stringent pending regulations, are reducing the overall tolerance organizations have for insecure software. The only way to address that rising sense of application security urgency—at a time when more complex cloud-native applications are being built and deployed—is to rely more on automation. In fact, the race is now on to secure software supply chains before regulations that will have stiff penalties for security lapses go into effect.
Most of the AI advances in software development that have been made thus far benefit developers. However, many of those same core AI advances will soon be applied to software engineering. Many of the DevSecOps bottlenecks that exist today will start to fade away as various classes of algorithms are able to both identify and make recommendations to eliminate them. As those capabilities evolve, it should also serve to help reduce the long-standing cultural divide between application development teams and cybersecurity professionals that is at the root of the software supply chain issues that organizations are still struggling to resolve.
In fact, many organizations would be well-advised to review their current workflows with an eye toward determining which processes can be automated. The days when AI was sparingly used are now giving way to a new era of software development that promises to dramatically accelerate the rate at which applications can be built, deployed and updated. The challenge, as always, is finding a way to incorporate these advances into workflows that were not created with AI in mind.