Page 36 - Cyber Defense eMagazine January 2024
P. 36
-rules in areas such as testing, code review and CI/CD. This allowed R&D teams to focus on
creative aspects of their work with increased productivity - enabling “guided steering and
acceleration”. Development cycles shortened based on agile principles, bridging Dev and Ops.
Issue management and resolution started to shift from reactive to adaptive with more seamless
coordination across teams. The majority of issues could be detected and fixed before customers
even became aware.
• Today, Generative AI is taking SW development to new levels of efficiency and innovation.
Automation extends far beyond routine tasks, as GenAI-based solutions enable the creation of
new content through a seamless human-to-machine dialogue. Efficiency gains are only just
beginning to unfold as AI can act as an inexhaustible assistant (Copilot) throughout the SDLC by
providing suggestions, explaining issues, generating code, monitoring processes, scanning
repositories, providing predictions, and augmenting quick decision-making. This will further
accelerate and increase the overall code creation, translating into more SW builds, more SW to
be secured, and more frequent updates to the runtime. As we add embedded AI models (MLOps)
into the modern SW development equation, the aforementioned areas expand even further. The
concept of "Liquid Software" is gradually becoming a reality, where small incremental
improvements (binaries-based updates) automatically flow from development to runtime with
minimal service downtime.
• In application security, AI can significantly reduce the time to discover and remediate issues in
a predictive manner, preventing malicious SW packages from ever entering an organization in
the first place. This begins with automated vulnerability scanning and detection, utilizing AI-based
severity and contextual analysis, and extends to automated remediation. Despite the
aforementioned advancements, human intervention and approval are still necessary until AI-
based solutions demonstrate a higher degree of trust and reliability.
• In recent years, we began transitioning towards a full automation paradigm, wherein we move
from a Copilot (AI assistant) to an Autopilot (AI decision-maker). Machines can be directed to
solve highly complex problems through a natural language UI (i.e. English), requiring new types
of skills from the programmer to navigate the dialogue towards the intended state. Fundamentally,
the AI system should outperform an average human developer or other persona involved in said
processes. AI will further augment and automate decision-making processes, enabling
organizations to select the best possible (data-driven) approach and tools to resolve any issues.
Trust in AI systems will be paramount, necessitating vast contextual understanding and ethical
decision-making, similar to the challenges experienced in autonomous driving today. Self-learning
and self-healing capabilities will become essential in detecting, analyzing, isolating, and patching
issues while maintaining service uptime. Meaning: software will be able to rewrite an update itself,
as well as add new functionality to deal with new inputs. Similarly, to AVs, the AI system must
learn from its operational environment and adapt accordingly.
Cyber Defense eMagazine – January 2024 Edition 36
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.