DEVOPSdigest

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2024. Part 6 covers AI's impact on DevOps and development.

Start with: 2024 DevOps Predictions - Part 1

Start with: 2024 DevOps Predictions - Part 2

Start with: 2024 DevOps Predictions - Part 3

Start with: 2024 DevOps Predictions - Part 4

Start with: 2024 DevOps Predictions - Part 5

AI-Generated Vulnerabilities

AI will play a significant role in generating code, allowing for faster development with fewer human resources. But as code inevitably becomes more like open-source software, AI-generated vulnerabilities will become a bigger concern. The speed at which AI-assisted developers work will underscore the importance of enhanced application visibility and security, as developers may lack the full understanding of their AI-generated output.
Shahar Man
Co-Founder & CEO, Backslash Security(link is external)

According to one Stanford study into developer use of AI tooling, it is likely that unskilled developers using this technology will become dangerous. The study claimed that participants who had access to AI assistants were more likely to introduce security vulnerabilities for the majority of programming tasks, yet also more likely to rate their insecure answers as secure. This poses a significant issue; poor developers will be enabled to introduce security issues faster, and if anything, this will only increase the need for security-skilled developers with the knowledge and expertise to code securely and use AI technology safely.
Matias Madou
Co-Founder and CTO, Secure Code Warrior(link is external)

Overconfidence in Generative AI code will lead to generated AI vulnerabilities. As more and more developers use generative AI to successfully help build their products, 2024 will see the first big software vulnerabilities attributed to AI generated code. The success of using AI tools to build software will lead to overconfidence in the results and ultimately a breach that will be blamed on the AI itself. This will lead to a redoubling across the industry of previous development practices to ensure that all code, written by both developers and AI, is analyzed, tested, and compliant with quality and security standards.
Phil Nash
Developer Advocate, Sonar(link is external)

FACING THE CHALLENGES OF AI-ASSISTED CODE DEVELOPMENT

2024 will produce significant challenges to AI-assisted code development. In 2024, we will reach a threshold where we've tampered and experimented enough with AI across the SDLC that there will be an incident, a mistake, that will force enterprises to pay attention to end-to-end governance and the consequences of not having AI policies in place. DevOps teams need guidance on what they are allowed and not allowed to do with the tools they're using, with the guidance standardized into paved paths.
Wing To
GM of Intelligent DevOps, Digital.ai(link is external)

The risks and challenges that come from bad code that have plagued organizations for years will be a top agenda item for the C-suite and Boards in the new era of AI. The truth is that most organizations are likely unaware of the issues that spin out from bad code … Companies are embracing GenAI so they don't get left behind, but they can't trust AI blindly. While it can speed up and democratize the process of millions — if not billions — more lines of code to be generated, this doesn't come without issues like bugs and errors, lack of readability and maintainability, as well as security and copyright problems. I don't foresee a near-term solution to this in 2024, so it is up to business leaders to ensure their developer teams are creating code that is consistent, intentional, adaptable, and responsible.
Tariq Shaukat
Co-CEO, Sonar(link is external)

The need for human quality control over code will remain steadfast and grow larger as we find a balance of fast production with quality. I would say that "trust, but verify" is the slogan to live by in the year ahead, as I don't foresee a near-term solution to some of the problems that come with AI, such as hallucinations and lack of understanding of logical flow.
Olivier Gaudin
CEO and Co-Founder, Sonar(link is external)

Businesses will grapple with the risks inherent in using AI technologies like copyright infringement, IP rights, security threats, and the like. Knowledge attrition is another major concern, particularly for developers who may avail themselves of AI to write code. Since that knowledge will no longer need to be retained, many will become more dependent on AI and the market will favor those who are adept at using it.
Lior Koriat
CEO, Quali(link is external)

AI WON'T REPLACE NEED FOR CLEAN CODE

As AI-assisted code solutions gain steam in the software development space, those who believe it will replace the need for code quality assurance checks will likely be in for a rude awakening. While it will certainly support developer productivity and will help those greener in the field boost their skills — and even those returning to it — it is not truly functioning at that level yet ... AI-assisted code cannot, and will not, replace the need for developers to clean as they code, ensuring that code is maintainable, reliable, and secure. Human or AI-generated, this approach should be a part of every organization's software development process to ensure all code is fit for the purpose and is continuously clean. With every company's success dependent on the strength of its software, Clean Code should be a top priority if they want to succeed and reduce risk to their business.
Olivier Gaudin
CEO and Co-Founder, Sonar(link is external)

TEAM COLLABORATION MAKES BIGGER IMPACT THAN AI-ENABLED PROGRAMMER PRODUCTIVITY

We'll witness a proliferation of AI-enabled tools that promise to improve programmer productivity. Many of them will deliver on the promise but towards the end of the year we'll begin to realize that, in complex and agile software efforts team collaboration has an even bigger impact than individual productivity.
Esko Hannula
SVP, Product Management, Copado(link is external)

DEMAND FOR SENIOR DEVELOPERS TO KEEP AI IN CHECK

Less experienced developers, unlike more technically astute senior developers, may not be able to spot the shortcomings of code generated by AI-assisted code. I expect we'll see the demand for more senior developers increase, to help keep AI in check/oversee its involvement.
Olivier Gaudin
CEO and Co-Founder, Sonar(link is external)

DEVOPS FOCUS ON PLANNING AND TESTING

The adoption of GenAI will increase the focus on the planning and Testing phases of DevOps. Planning because a well written requirement is needed for your copilot to generate the proper code. Testing, because reliance on GenAI will require that we verify the resulting code even more thoroughly than today. The tests will likely be generated from the same requirements, so this means planning is even more important.
David Brooks
SVP of Evangelism, Copado(link is external)

AI Makes Progressive delivery essential

Just as software teams have begun to hone practices for getting reliable, observable, available applications running at scale, generative AI is changing everything we know about these methods thanks to its non-deterministic nature. In other words, 1+1 can equal infinity. Therefore, next year, we'll see developers start to account for infinite change when building, testing, training, retesting, and delivering new features built on AI/ML models. This will make the practice of progressive delivery even more essential for success when delivering applications at scale.
Rob Zuber
CTO, CircleCI(link is external)

DEVELOPERS ACCOUNTABLE FOR AI SPEND

As AI experimentation continues to increase exponentially, with the AI bill growing alongside it, monitoring and observability tools will become mandatory for every dev team. Developer teams will be required to answer for AI spend; CFOs will not accept unbounded and unpredictable costs for much longer and there will be added pressure to prove the return on investment. So, tools that can provide insights, guardrails, and monitoring for AI deployments, especially in the experimentation phase, are going to be a critical tool in every dev team's AI arsenal.
Rita Kozlov
Senior Product Director, Cloudflare(link is external)

Go to: 2024 DevOps Predictions - Part 7, covering the impact of AI on DevOps and development.