Abstract :
In modern DevOps environments, the integration of security practices poses significant challenges due to the fast-paced nature of Continuous Integration/Continuous Deployment (CI/CD) pipelines. Traditional security testing methods are usually too slow and reactive to address vulnerabilities effectively in such dynamic settings. To overcome these challenges, organizations are increasingly adopting automated security testing solutions that leverage Artificial Intelligence (AI) and Machine Learning (ML). This paper discusses AI and ML capabilities in automating security testing during DevOps. It talks about how these technologies can improve security by enabling real-time threat detection, reducing false positives, and adapting to new vulnerabilities through continuous learning. Key AI/ML-based tools and techniques, along with their integration into DevOps workflows, are also discussed in detail. It also covers the integration challenges and the potential of AI/ ML in security testing in the coming years.
Keywords :
AI in Cybersecurity, AI/ML Tools for Security Testing., artificial intelligence (AI), Automated Security Testing, Continuous Deployment (CD), Continuous Integration (CI), DevOps, DevSecOps, Machine Learning (ML), Security in DevOps, Shift-Left Security, Vulnerability DetectionReferences :
- Alami A, Paasivaara M (2021) How do agile practitioners interpret and foster “technical excellence”?. In: Evaluation and assessment in software engineering. ACM, pp 10–19
- Sadovykh et al., “VeriDevOps: Automated Protection and Prevention to Meet Security Requirements in DevOps,” 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), Grenoble, France, 2021, pp. 1330-1333, https://ieeexplore.ieee.org/document/9474185
- Almeida, F.; Simões, J.; Lopes, S. Exploring the Benefits of Combining DevOps and Agile. Future Internet 2022, 14, 63. https://doi.org/10.3390/fi14020063
- Mirza, Agha Urfi. (2024). EXPLORING THE FRONTIERS OF ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING TECHNOLOGIES, San International Scientific, ISBN: 978-81-970457-9-0
- I. Abbas and A. Garg, “AIOps in DevOps: Leveraging Artificial Intelligence for Operations and Monitoring,” 2024 3rd International Conference on Sentiment Analysis and Deep Learning (ICSADL), Bhimdatta, Nepal, 2024, pp. 64-70, https://ieeexplore.ieee.org/document/10601420
- Truex S, Baracaldo N, Anwar A, Steinke T, Ludwig H, Zhang R, Zhou Y. A Hybrid Approach to Privacy-Preserving Federated Learning. In: Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security. pp. 1-11, November 2019.
- Wiedemann, A.; Forsgren, N.; Wiesche, M.; Gewald, H.; Krcmar, H. Research for Practice: The DevOps Phenomenon. ACM, 2019, 62, 44–49. [Google Scholar]
- Sani, A.; Arbain, A.F.; Jeong, S.R.; Ghani, I. A Review on Software Development Security Engineering using Dynamic System Method (DSDM). J. Comp. Applic 2013, 69, 33–44.[Google Scholar]
- Verganti R. Vendraminelli L. Iansiti M. (2020). Innovation and design in the age of artificial intelligence. Journal of Product Innovation Management, 37(3), 212–227. https://doi.org/10.1111/jpim.12523