A global survey of 5,315 IT professionals that included 804 C-level executives and 1,439 security experts finds 39% of respondents reporting they work for organizations currently using artificial intelligence (AI) to build software.
Conducted by the market research firm Omdia on behalf of GitLab, the survey also finds another 39% expect to be using AI to build software within the next two years.
Among those currently using AI, the primary use cases are code generation and code suggestions (47%), followed by explanations of how code works (40%) and summaries of code changes (38%).
Additional future AI use cases that respondents identified include forecasting of productivity metrics and identification of anomalies at 38% each, followed by explanations of how a vulnerability can be exploited and how to remediate it (37%), and chatbots that allow users to ask questions in natural language (36%).
Making Use of AI
Ashley Kramer, chief strategy officer for GitLab, said the survey makes it clear that developers are making extensive use of AI to automate rote tasks and it’s now only a matter of time before the increased velocity at which code is being written creates code base management challenges for DevOps teams. Those issues will need to be addressed using AI tools and capabilities that are being infused into every successive update of modern DevSecOps platforms, she added.
Overall, the survey finds developers on average spend less than a quarter of their time writing code, with the rest spent on meetings and administrative tasks (15%), improving existing code (15%), understanding code (13%), testing (12%), maintaining code (11%), and identifying and mitigating security vulnerabilities (10%).
A total of 62% of the C-level executives said it is essential to implement AI in software development to avoid falling behind. However, well over half (56%) also noted introducing AI into the software development lifecycle is also risky.
More than half (55%) of C-level executives agreed that developer productivity is important to the success of their organizations, with 57% agreeing that measuring developer productivity is key to business growth. However, only 42% of C-level executives currently measure developer productivity within their organization and are happy with their approach. Over a third (36%) feel their methods for measuring developer productivity are flawed, while 15% want to measure developer productivity but aren’t sure how.
C-level respondents whose organizations are using a platform (56%) to build and deploy software were much more likely than those not using a platform (33%) to be happy with their current approach to measuring developer productivity, the survey finds.
In general, nearly two-thirds (64%) of respondents also work for organizations that want to consolidate their toolchain but only 17% have already begun such efforts. Nearly three-quarters (74%) of respondents whose organizations are currently using AI for software development said they wanted to consolidate their toolchain.
More than two-thirds (67%) said software development lifecycle in their organization is mostly or completely automated and more than half of respondents (55%) are now also running 50% or more of their workloads in the cloud, the survey finds.
A quarter of all respondents also said they are primarily responsible for application security. However, more than half (58%) of security respondents said they have a difficult time getting development to prioritize remediation of vulnerabilities, while 55% noted security vulnerabilities are mostly discovered by the security team after code is merged into a test environment. The survey reinforces the simple fact that application security requires a team effort, said Kramer.
It’s hard to say with any great certainty at this point how application development and deployment will be transformed by AI but the one thing that is certain is it’s unlikely most existing DevSecOps workflows will be able to keep pace.
