Transforming DevSecOps as a discipline
Given the impact AI is having in transforming DevSecOps on a larger scale, IT, security, and development leaders need to be on top of what changes when AI is introduced into development strategies.
“Historically, DevSecOps has been centered on application code security, infrastructure security, and software supply chain security,” Malik says. “With the introduction of AI, the scope of concern has expanded significantly. DevSecOps can no longer simply address source code security, container security, pipeline security, and cloud infrastructure security.”
Additional concerns now include model access exposure, prompt abuse/injection risks, sensitive data leakage, data lineage, third-party models and API dependencies, deployment of AI-generated code, and others, Malik says.
