What news from AWS re:Invent last week will have the most impact on you?
Amazon Q, an AI chatbot for explaining how AWS works.
Super-fast S3 Express storage.
New Graviton 4 processor instances.
Emily Freeman leaving AWS.
I don't use AWS, so none of this will affect me.
AI / DevOps / Security

Meet the New DevSecOps

Your power broker for delivering on the promise of enterprise-ready AI.
Oct 12th, 2023 10:31am by
Featued image for: Meet the New DevSecOps
Image from giggsy25 on Shutterstock.

AI as a transformative technology is as important a development as the microchip, PC, internet, smartphone and cloud have been in their times. The best-known use cases of AI are the ones that have been picked up by the mainstream media and have generated controversy along the way. These generative AI models write essays, create presentations and compose musical scores.

The AI use case that is getting far less publicity, yet affects the way we work and live far more than the cases listed above, is AI-powered DevSecOps. It is radically increasing efficiency and accelerating the delivery of software innovation at major enterprises and government entities worldwide.

AI-powered DevSecOps leverages AI to improve software delivery automation, govern AI-assisted code writing and predictive problem-solving. The goal is to cut operational complexity and accelerate the time to market, all while using AI safely and responsibly.

The 3-in-1 Advantage

AI-powered DevSecOps for the enterprise merges AI capabilities that evolved separately until now:

  1. AI-powered software delivery workflows enable software delivery processes to automate large-scale programs like app modernization and cloud migrations.
  2. AI-based code governance helps developers use code-assist and other generative AI tools to speed up the writing, checking and optimizing of traditional code.
  3. Predictive intelligence applies machine learning algorithms to data across the entire software development and delivery life cycle (SDLC) so managers gain earlier software delivery insights in order to forecast capacity, foresee risks and respond to changes.

The reality is that when AI solutions are implemented — often in piecemeal fashion among smaller teams — they add to the clutter of siloed and fragmented tools, methods and processes that will eventually bite back on the short-lived perception of “progress.” A truly systemic approach to DevSecOps that merges and leverages AI capabilities at scale is one of the most important adjustments an enterprise can make for a lasting advantage in today’s AI-augmented world.

Multiplier Benefits for DevOps Teams and Workflows

Recently, Gartner reported that as AI accelerates coding tasks, developers become “x-times multipliers,” allowing the rapid scaleup of development processes. The report states that product leaders “must capitalize on generative AI that can be used to scale their product development.”’s own analysis and customer experiences shows two to three times productivity improvement per developer, and external studies have revealed the following further benefits:

  • Better developer productivity: Generative AI coding tools used by developers shave 20-50% off the time they spend on repetitive coding tasks.
  • Faster software delivery: Infusing AI into development programs optimizes code by 10-30%, making identifying inefficiencies faster.
  • More creativity and innovation: The onboarding process for developers speeds up by 20-40% with generative AI tools.

However, recent studies show that challenges remain:

  • 40% of generative AI code has security vulnerabilities.
  • 34% of businesses cite limited AI skills or knowledge as hindering successful AI adoption.
  • 74% of organizations are concerned with the data privacy of AI-based products or services.

How to Enable AI-Driven Software Development across the Enterprise

Elevating AI to an enterprise-scale capability is possible with three core requirements:

  1. Maintain control of your data by establishing responsible AI: Early small-scale experimentation with AI-powered app development teaches organizations lessons on how to keep control of data and set proper policies.
  2. Adopt the right governance to empower developer innovation: Accelerating developer innovation requires an investment in AI. Organizations need to be aware how this can affect their governance and software delivery process.
  3. Managing OpEx while increasing team output: Managing the technology sprawl and redundant spending is essential as AI expands opportunities for developer creativity.

3 Areas to Focus on

In the realm of AI, there are three separate areas where teams need to focus:

1. Test, secure and govern AI-generated software: AI and software governance are now more closely linked than ever. The testing, security and governance challenges that teams need to be mindful of include:

  • Regulation and compliance: Organizations must implement policies to ensure that AI-generated code complies with relevant standards, laws and regulations.
  • Quality assurance and security: Organizations can establish QA protocols through automated continuous testing that will absorb the increase of two to three times in code created by AI.
  • Continuous delivery and release pipeline monitoring: In the face of increased code and release volumes, organizations need to identify and address security vulnerabilities, improve performance and adapt to changing requirements.
  • Planning and collaboration: Increasing communication among teams will help manage portfolio dependencies and improve the understanding of where and how AI affects the software delivery process.

2. Harness AI for software delivery workflows: Using the power of AI to further automate and accelerate software delivery workflows requires some features necessary to help productivity gains.

  • Simplified test creation helps users edit and create test cases based on updated or new feature requirements.
  • User story generation automatically turns product descriptions into requirements and user stories.
  • Knowledge assistance identifies useful information in planning and DevOps repositories.
  • Threat insight will inform security experts on recommended changes to protected apps by analyzing historical trends.

3. Manage trade-offs and decision-making aided by AI: It is essential to apply machine learning algorithms across your toolset as well as third-party data sets to help predict risk, remove software delivery bottlenecks and speed up CI/CD pipelines.

These ML solutions should include:

  • Flow acceleration that accelerates DevOps workflows and predicts cycle times.
  • Quality improvement preventing defect leakage through early detection and code quality effectiveness assessments.
  • Change risk prediction identifying risky changes, reducing change failures and allowing teams to identify and manage risk before production.
  • Service management process optimization anticipates future service risks, helping to mitigate the risk of major incidents

An up-and-down-the-Line Winner 

AI-powered DevSecOps stands out because it benefits everyone and everything it touches. Solutions powered by AI boost the productivity of the whole SDLC, enabling innovation acceleration and beating organizational time-to-market goals.

For large global companies, the move to AI-powered DevSecOps is rapidly becoming table stakes to adjust to and capture the opportunities of emerging AI.

Group Created with Sketch.
TNS owner Insight Partners is an investor in: Enable, Pragma.
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.