Artificial intelligence (AI) and machine learning (ML) in software development are here to stay, and DevSecOps teams are using them in many different ways to save time and improve productivity and efficiency.
Here are the ways development, security, and operations professionals incorporate AI into their DevOps workflows.
9 ways DevSecOps teams use AI
1. Ask questions in documentation using chatbots
To find answers faster and reduce context switching, DevSecOps teams can use AI-powered chatbots to ask questions and get relevant answers pulled from documentation or other large volumes of text. Instead of leaving the IDE or platform where they’re writing and deploying code to go search the web, developers can ask a built-in chatbot a question and get one concise answer without disrupting their flow.
2. Suggest tests and test files
Developers can use AI to suggest tests and generate test files for their code, right in the merge request. This can help them enhance their testing, ensure they have appropriate test coverage for their changes, and reduce the time they have to spend writing and thinking about tests.
3. Summarize code changes
When making a commit or merge request, developers can use AI to generate a written summary of the code changes. This can help developers save time when they’re committing changes and asking for code reviews, and AI can also help code reviewers save time — and likely provide a better review — by giving them more context on the changes made before they dive into the code.
4. Get suggestions for who can review code
Code review is an important, but sometimes frustrating and time-consuming, process — especially if the right reviewer isn’t asked the first time.
By looking at the code changes and the project’s contribution graph, AI can automatically suggest a code reviewer who can provide faster and higher-quality feedback and catch potential issues. AI also can help save time by suggesting someone else to review the code if a suggested reviewer doesn't respond or if their review isn’t sufficient.
5. Summarize discussions
When discussions get lengthy or convoluted, teams can use AI to summarize all the comments in an issue or ticket. This can help everyone get on the same page and efficiently understand the status of a project and what the next steps are, leading to better collaboration and faster results.
6. Suggest code
AI-powered code suggestions can help developers write code more efficiently by suggesting code right in their IDE while they’re developing. Developers can use AI to complete blocks of code, define and generate logic for function declarations, generate unit tests, suggest common code like regex patterns, and more. These capabilities can certainly make developers more efficient, but because less than 25% of developers’ time is spent on code development according to our research), it’s just one piece of the puzzle.
7. Explain how a piece of code works
Developers (or anyone on the DevOps team) can use AI to get a quick explanation of what a block of code does and why it's behaving the way it is – without leaving their workflow.
An AI-generated code explanation can be particularly helpful for developers trying to understand pieces of code that others have created or that’s written in a language they’re less familiar with. And according to our research, developers spend 13% of their time understanding what code does, so time savings here can really add up.
8. Summarize a vulnerability and suggest how to remediate it
Understanding a newly detected security vulnerability and how to fix it isn’t trivial, but AI can make it simpler and more efficient. An AI-generated summary of a vulnerability helps developers and security professionals understand the vulnerability, how it could be exploited, and how to fix it. Some AI-powered tools can even provide a suggested mitigation with sample code. This can go a long way in helping teams avoid potential security threats and security risks with less effort.
9. Forecast productivity metrics
Using AI, software leaders can forecast or predict productivity metrics — such as deployment frequency — to identify trends and anomalies across the software development lifecycle. These AI-driven insights can help teams implement changes to improve their efficiency and DevSecOps processes.
The benefits of using AI in software development
DevSecOps teams are using AI — or plan to use AI — to help them do many things, including:
- Improve efficiency of their software delivery lifecycle
- Speed up cycle times
- Improve employee productivity
- Improve security posture
- Improve code quality
- Improve customer satisfaction
- Improve employee satisfaction and the developer experience
- Improve collaboration between teams
- Improve application performance
- Automate repetitive tasks
- Reduce operational costs
- Reduce context switching and cognitive load
- Get new hires up to speed faster
- Help employees learn new programming languages
Avoiding privacy and security issues
While there are numerous benefits to integrating AI into the software development process, it’s important to be aware of the potential risks as well as common issues and obstacles.
According to our research, privacy, security, and a lack of familiarity with AI tools were common obstacles respondents said they encountered or expect to encounter while implementing AI in the software development lifecycle. Of all the obstacles identified, concerns around privacy and data security was the most common response (34%), followed by the lack of appropriate skills (31%) and the lack of AI knowledge (30%).
Get to know GitLab Duo
All the capabilities mentioned above — from code explanations to suggested tests — are part of GitLab Duo, the suite of AI capabilities built into GitLab’s DevSecOps platform. GitLab Duo helps DevSecOps teams boost efficiency, reduce cycle times, and prevent context switching with AI-assisted workflows in every phase of the software development lifecycle, all in a single application.
Learn why GitLab was named a Leader in the 2024 Gartner® Magic Quadrant™ for AI Code Assistants.
Access the report