Page 36 - Cyber Defense eMagazine January 2024
P. 36

-rules  in areas  such  as testing,  code review  and CI/CD.  This  allowed  R&D  teams  to focus  on
                   creative  aspects  of  their  work  with  increased  productivity  -  enabling  “guided  steering  and
                   acceleration”.  Development  cycles shortened  based on agile principles,  bridging  Dev and Ops.
                   Issue management  and resolution started to shift from reactive to adaptive with more seamless
                   coordination across teams. The majority of issues could be detected and fixed before customers
                   even became aware.


               •  Today, Generative  AI  is  taking  SW  development  to  new  levels  of  efficiency  and  innovation.
                   Automation  extends  far beyond  routine tasks,  as GenAI-based  solutions  enable the creation of
                   new  content  through  a  seamless  human-to-machine  dialogue.  Efficiency  gains  are  only  just
                   beginning to unfold as AI can act as an inexhaustible assistant (Copilot) throughout the SDLC by
                   providing  suggestions,  explaining  issues,  generating  code,  monitoring  processes,  scanning
                   repositories,  providing  predictions,  and  augmenting  quick  decision-making.  This  will  further
                   accelerate and increase the overall code creation, translating  into more SW builds, more SW to
                   be secured, and more frequent updates to the runtime. As we add embedded AI models (MLOps)
                   into the modern SW development equation, the aforementioned  areas expand even further. The
                   concept  of  "Liquid  Software"  is  gradually  becoming  a  reality,  where  small  incremental
                   improvements  (binaries-based  updates)  automatically  flow  from  development  to  runtime  with
                   minimal service downtime.

               •  In application security, AI can significantly reduce the time to discover and remediate issues in
                   a predictive  manner,  preventing  malicious  SW packages  from ever  entering  an organization  in
                   the first place. This begins with automated vulnerability scanning and detection, utilizing AI-based
                   severity  and  contextual  analysis,  and  extends  to  automated  remediation.  Despite  the
                   aforementioned  advancements,  human  intervention  and  approval  are  still  necessary  until  AI-
                   based solutions demonstrate a higher degree of trust and reliability.


               •  In recent  years, we  began transitioning  towards  a full automation  paradigm,  wherein  we move
                   from  a Copilot  (AI  assistant)  to  an Autopilot  (AI  decision-maker).  Machines  can  be directed  to
                   solve highly complex problems through a natural language UI (i.e. English), requiring new types
                   of skills from the programmer to navigate the dialogue towards the intended state. Fundamentally,
                   the AI system should outperform an average human developer or other persona involved in said
                   processes.  AI  will  further  augment  and  automate  decision-making  processes,  enabling
                   organizations to select the best possible (data-driven) approach and tools to resolve any issues.
                   Trust in AI systems will be paramount,  necessitating  vast contextual  understanding  and ethical
                   decision-making, similar to the challenges experienced in autonomous driving today. Self-learning
                   and self-healing capabilities will become essential in detecting, analyzing, isolating, and patching
                   issues while maintaining service uptime. Meaning: software will be able to rewrite an update itself,
                   as well as add new functionality  to deal with new inputs. Similarly,  to AVs, the AI system must
                   learn from its operational environment and adapt accordingly.







            Cyber Defense eMagazine – January 2024 Edition                                                                                                                                                                                                          36
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   31   32   33   34   35   36   37   38   39   40   41