Application Security

Legit Security Releases Survey Report on GenAI in Software Development

Most developers (85%) and security teams (75%) have security concerns over relying on GenAI to develop software.

Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today announced the release of a new survey report, “Use and Security of GenAI in Software Development.” Capturing the perspectives of security and development professionals to uncover concerns about the visibility into and approaches to managing GenAI, the report’s findings revealed that both teams face critical security challenges when using GenAI in software development.

“As generative AI transforms software development and becomes increasingly embedded in the development lifecycle, there are some real security concerns among developers and security teams,” said Liav Caspi, Co-Founder and CTO at Legit. “Our research found that teams are challenged with balancing the innovations of GenAI and the risks it introduces by exposing their applications and their software supply chain to new vulnerabilities. While GenAI is undoubtedly the future of software development, organizations must be mindful of its new risks and ensure they have the appropriate visibility into and control over its use.”

GenAI is quickly changing the software development process by automating tasks that once took developers hours, if not days, to complete, bolstering efficiency and productivity. Eighty-eight percent of developers report using it within their development organization, reflecting a broad shift in how development teams augment their capabilities with AI to meet tight deadlines and complex project demands. Despite the high rate of adoption, security is a critical concern. For instance, previous research by Legit revealed that LLMs and AI models contain bugs and vulnerabilities that can lead to AI supply chain attacks.

The report’s key findings include:

  • Increased Use of GenAI in Software Development: 96% of security and software development professionals report that their companies use GenAI-based solutions for building or delivering applications. Among these respondents, 79% report that all or most of their development teams regularly use GenAI.
  • Code Assistant Use Is Worrying: 84% of security professionals are concerned about using code assistants and cite unknown and/or malicious code as their primary concern.
  • Growing Concerns Over GenAI Security: 98% believe that security teams need a better handle on how GenAI-based solutions are used in development. 94% report they need more effective ways to manage GenAI use in their company’s research and development efforts.
  • Apprehension on GenAI Over-Reliance: 85% of developers and 75% of those in security have security concerns over relying too much on GenAI solutions to develop software.
  • Developers Fear Loss of Critical Thinking: More developers than security professionals report concern over loss of critical thinking due to AI use in development (8% vs. 3%).
  • GenAI is the Future: 95% of respondents predict that software developers will be more reliant on GenAI in the next five years, with none foreseeing reduced reliance.

The report’s findings underscore GenAI’s importance in software development. However, as organizations increasingly adopt it into their CI/CD pipelines and software supply chains, they need to prioritize security and improve oversight while boosting collaboration between development and security teams.

To download the report, visit https://info.legitsecurity.com/survey-report-use-and-security-of-genai-in-software-development.

Methodology
The survey, conducted by Regina Corso Consulting on behalf of Legit Security, gathered insights from over 400 security professionals and software developers across various industries in North America. Respondents were drawn from companies of all sizes, from small tech startups to large multinational organizations, all dealing with the integration of AI into their software development processes.

Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!

Related posts

StackHawk announces GitHub Pull Request Checks

PR Newswire

ArmorCode Secures $14 Million Series A Investment

PR Newswire

Finite State Introduces Compliance Mapping Feature with Binary Analysis

Business Wire