The history of poisoning wells in times of conflict is an established one. Whether by cutting off access to wells or using it as a force multiplier for spreading disease, the town well has always been a significant attack vector.

In modern times, we can draw the analogy of a well to a script or API endpoint that initiates automation that drives change into infrastructure, applications, and digital services. Most organizations—78% employ a rich set of automation across IT to do just that. That should be no surprise given the prevalence of automation to drive changes into complex, hyperscale systems operated by Facebook, Twitter, and Amazon, among others.

That’s because, like the shared well of olden days, a single script can affect thousands of systems in a matter of minutes. In the before times, manual changes affecting the same number of systems might have taken days or even weeks. Automation is a force multiplier, allowing operations of all kinds to scale in ways that human beings could never achieve. It is the cornerstone of scaling processes, practices, and the business. Indeed, one can argue that an organization cannot become a digital business without automation. It is one of the six key capabilities organizations need to build to successfully capitalize on data, adopt Site Reliability Engineering (SRE) operations, and infuse digital services with the ability to adapt through modern app delivery.

But the thing about automation is that, well, it’s automatic.

Once begun, it’s difficult to intercept the cascading changes driven across such systems. Speed of change is one of the drivers for automation, after all, and once begun those changes are difficult—if not impossible—to stop.

Acquia’s Annual Customer Experience (CX) Trends Survey Reveals Challenges for Marketers

You’d have to be living off-grid to not have heard about automation propagating unintended changes that, ultimately, impacted large swaths of the Internet. A bad parameter pushed into a script is nearly impossible to recall once the enter button is pushed, or the API endpoint invoked. Once executed, the well has been poisoned.

This is not the first time I’ve raised the alarm concerning the security of IT automation. It is an overlooked and underexplored attack vector that will, eventually, be exploited. And even if ‘eventually’ is decades away, the more immediate threat of human error remains extant.

According to the latest Uptime Institute research, “nearly 40% of organizations have suffered a major outage caused by human error over the past three years.”

This is where AI—more correctly, ML—enters the room.

The use of machine learning to protect IT automation

Machine learning is particularly adept at uncovering patterns and relationships between data points. Today, most of the market is focusing on the application of machine learning to solve security and operational challenges. This includes identifying whether a user is a bot or a human, recognizing attacks, and even predicting imminent outages.

An area often unexplored is app infrastructure protection (AIP). For example, machine learning can be used to understand how operators and admins interact with critical systems and immediately notice when an interaction deviates from the norm. This is useful for detecting attackers attempting to access directories they shouldn’t or invoke commands with parameters outside normal usage.

WhyLabs Announces Strategic Collaboration Agreement with AWS to Accelerate Responsible Generative AI Adoption

Read that last part again. Invoke commands with parameters outside normal usage.

Ah, there it is. There is nothing peculiar to security in the ability of AIP—and machine learning in general—to detect anomalous parameters or an attempt to execute an unusual command. This technology could just as easily be applied to IT automation to catch either human error or intentionally malicious commands.

Assuming the right level of access to target systems, such a machine learning solution could certainly offer a path to protecting systems against occasional bad parameters, lateral communication attempts, or any other attack. Ransomware, anyone?

Infrastructure—for apps, app delivery, and automation—is still an attractive attack vector. As organizations move to adopt more automation—and they are—they need to simultaneously consider the ramifications—accidental or intentional—of the use of that automation. From there, it’s necessary to consider how to protect it against the inevitable fat finger or malicious keystroke.

IT Automation is a force multiplier.

Full stop.

That means it’s useful for both intended and malicious use cases. Which implies a need to protect it. Machine learning may be one way to integrate AI with ops to protect the infrastructure that remains a vital component of a digital business.

[To share your insights with us, please write to sghosh@martechseries.com]

The post Using AI for IT Automation Security in 2024 appeared first on AiThority.

C2A Security, the mobility-centric DevSecOps Platform for car makers, suppliers, and EV charging companies announces a huge leap forward in its offering with the integration of Generative AI (GenAI) into their EVSec Platform. As the 1^st cybersecurity vendor to offer these capabilities in the mobility ecosystem, C2A Security’s AutoSynth marks a significant milestone, promising to revolutionize the way products & systems are developed and optimized for security, cost, and time reduction.

Recommended AI News: Plume Launches Uprise to Transform Connectivity Services for MDUs

GenAI, the cutting-edge artificial intelligence layer built on top of large language models (LLM), has already made waves across various industries, with its remarkable potential to streamline processes, enhance efficiency, automate software, and elevate performance metrics. Its rapid adoption has been nothing short of remarkable – in a recent McKinsey survey¹, 40% of C-level executives said their organizations will increase investment in AI because of advances in GenAI, while one in four said they are personally using GenAI tools (as ChatGPT, Midjourney, others) for work.

Developed to be LLM-agnostic, C2A Security is poised to set a new industry standard. Since mid-2022 the company has been building an infrastructure of Generative AI into its DevSecOps Platform named AutoSynth. By leveraging the capabilities of GenAI, developers, security engineers, and product leaders will be able to optimize production processes, detect inefficiencies, automate security controls, and prioritize response to vulnerabilities.

“We are elated to introduce this groundbreaking integration of GenAI into our DevSecOps platform,” said Roy Fridman, CEO of C2A Security. “This transformative combination will not only bolster our product roadmap and patent track record but also enable us to create cutting-edge products that redefine the industry landscape. AutoSynth adds advanced automation to the product security lifecycle, while opening up many more use cases to solve problems we didn’t know are problems before GenAI. I’m psyched to see the extent of automations we can achieve with AutoSynth!”

Recommended AI News: Plume Reveals the Latest Trends in the Wi-Fi-Connected VR Headset Market

By harnessing the underserved potential of GenAI in the automotive industry, C2A Security is primed to accelerate the innovation lifecycle, reduce time-to-market, and ensure the delivery of more secure products that exceed customer expectations. Within the next 18 months Gartner expects² generative AI to account for 10% of all data produced, up from less than 1% just 18 months ago.

C2A Security will hold an invite-only launch event during the annual Auto-ISAC Summit in California, October 17-18. During the event, C2A Security will showcase an Automated Threat Intelligence use case, powered by AutoSynth inside its product DevSecOps platform – EVSec, leveraging the Llama large language model (LLM) developed by Meta and Microsoft.

Recommended AI News: Codoxo Launches Generative AI for Healthcare Payment Integrity

[To share your insights with us, please write to sghosh@martechseries.com]

The post C2A Security Brings Generative AI to its Product-Centric DevSecOps Platform appeared first on AiThority.

 Ellucian, the leading higher education technology solutions provider, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider. announced a partnership to make Ellucian solutions available through Carahsoft’s reseller partners, National Association of State Procurement Officials (NASPO) ValuePoint and National Cooperative Purchasing Alliance (NCPA) contracts.

Recommended: AiThority Interview with Brigette McInnis-Day, Chief People Officer at UiPath

Ellucian software and services support the entire student lifecycle, from student services, finance, recruiting and admissions to information technology. These solutions improve the student experience from the beginning of the admissions process through completion and alumni engagement.

“We are pleased to partner with Carahsoft to generate new opportunities and increase demand for our comprehensive suite of digital transformation tools among Public Institutions,” said Jeff Dinski, Chief Strategy and Corporate Development Officer, Ellucian. “Through this partnership, state agencies and institutions are able to seamlessly procure cloud-ready technology solutions designed for higher education, enabling deeper engagement, insights and better outcomes for institutions.”

Latest Insights: How to Get Started with Prompt Engineering in Generative AI Projects

Carahsoft will provide Ellucian with the contract vehicles to enable continued dissemination of the technology to higher education institutions across the country.

“With the addition of Ellucian to our Education Technology solutions portfolio, institutions now have access to reliable, integrated solutions that are solely focused on higher education advancement,” said Tim Boltz Director of Edu Strategy at Carahsoft. “We look forward to working with Ellucian and our resellers to help our joint customers leverage information across their institution and deploy services to achieve educational objectives and priorities.”

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products,

 Latest Interview Insights : AiThority Interview with Abhay Parasnis, Founder and CEO at Typeface

[To share your insights with us, please write to sghosh@martechseries.com] 

The post Ellucian and Carahsoft Announce Partnership to Enhance Higher Education Institution Access to Technology Solutions appeared first on AiThority.

As software systems become larger, more complex, and more connected, the threat landscape is evolving. Meanwhile, software testing processes and tooling are struggling to keep up. Compliance-driven security efforts fail to account for the daily reality of developers, leaving software systems vulnerable to potentially catastrophic security breaches such as log4shell.

AI-powered software testing is about to revamp the way we develop and secure code. In this article, I want to explain why the rise of AI-powered testing tools is introducing the cultural and procedural change we so desperately need to build secure applications amidst growing complexity.

Application Security Is Struggling to Keep Up With the Speed of Change

50% of organizations experienced an API security incident last year (Google Cloud, 2022). This comes as no surprise: while software systems are becoming larger in size, more interconnected and more interdependent, many industries are still using software testing processes and tooling that are ill-equipped to address the security challenges that these developments pose.

Across many industries, such as finance, healthcare, and government, security efforts are driven by compliance. While it can be an effective instrument to ensure testing is considered at the management level, compliance-driven security alone is insufficient for dealing with today’s threat landscape. Usually, large parts of compliance-driven security consist of pentests, which have many downsides including:

• Inconclusive results due to lacking code coverage measurements
• Issues are found late, as tests aren’t done for every deployment
• Tests only scratch the surface due to timeboxes
• Tests are overly expensive given their suboptimal ROI

Since this approach lacks code coverage it puts testers on par with attackers, as they have no way of determining which parts of the source code were traversed by their inputs. As attackers often are not bound to timeboxes, one could even argue that they have an advantage.

Nonetheless, black-box pentests are often enough for compliance.

Recommended AI ML Blog:

AI Shifts Incident Management From Reactive to Proactive

How AI-Powered Software Testing Enables Dev Teams to Stay Ahead

With the help of AI, large parts of test case generation can be automated. Traditional testing methods (e.g., classic unit tests) use few deterministic test cases to test for the known-unknown, i.e., a program state that the tester suspects to be erroneous. By enhancing this approach with self-learning AI, developers can generate thousands of additional test cases every second to test for the unknown-unknown, i.e., bugs and security issues that the tester would never have thought of.

By using genetic algorithms, AI-powered white-box testing tools can gather information about previous test runs, which they can then use to auto-generate new test inputs that reach deeper into the software under test. This gives developers full visibility into the code coverage of their tests and allows them to uncover deeply hidden bugs and security vulnerabilities beyond the reach of traditional testing tools. Leveraging the source code in this way can be compared to solving a maze with full visibility over its paths. While a black-box test would be the equivalent of trying to find a path that leads to a bug by pure chance, AI-powered white-box tests are the equivalent of simply covering all paths.

How AI Is Transforming Security Processes and Culture

AI-powered testing tools have the potential to empower developers to take ownership of security. By integrating them into CI/CD processes, developers can independently test their code for deeply hidden security and quality issues as easily as they would write a unit test. This form of test automation has tremendous cultural implications, as it introduces thorough testing into every single pull request, starting at the early stages of the SDLC.

A relevant concern regarding this setup is whether or not it makes sense to give developers ownership of testing. Aren’t they busy enough as it is? After all, AI-powered testing tools should not lead to increased workloads for developers. For precisely this reason, it’s crucial that AI testing tools are highly automated and integrated into CI/CD so they can seamlessly run in the background. Developers can then focus on interpreting test results and remediating findings. This way, automated testing tools can speed up the development process by allowing developers to find and fix hidden bugs and vulnerabilities before they make it into the codebase.

Who Will Be Replaced By AI?

AI-enabled testing tools are not expected to replace developers in the near future; instead, they will empower them to produce code that is not only better but also more secure. Even for security professionals, the rise of automated testing tools will not result in replacement, as security is becoming increasingly important in today’s landscape. More likely, automated security tools will allow security professionals to shift their focus towards higher-level tasks that require human expertise and critical thinking, such as designing more robust security architectures.

Read More:

Generative AI: The Next Wave of Personalization Demands Greater Agility

AI Will Inevitably Make our Software More Robust

Ultimately, the emergence of AI-enabled testing tools holds vast promise for the way we build, test, and secure software and our perception of how testing should be done.

In the long run, humans might or might not become obsolete in application security. Who knows. For now, the role of AI in security will be to find bugs in places where human intelligence would never have looked and to empower devs to focus on what they do best: innovate.

The post How AI Is Redefining Application Security appeared first on AiThority.

The post Digital.ai Boosts Predictive Intelligence and AI Across the Software Delivery Lifecycle, Offers New Support for Enterprise-grade Generative AI Coding Tools appeared first on AiThority.

Cycode, the leading application security platform, announced the launch of Cimon, a seamless solution that enhances the security of CI/CD pipelines to prevent software supply chain attacks such as those that targeted SolarWinds and Codecov.

CI/CD pipelines currently lack visibility, making them the most sensitive link in the SDLC, and many organizations have thousands of unmonitored pipelines prone to supply chain attacks. Cimon stops these attacks by utilizing the innovative solution of eBPF (extended Berkeley Packet Filter), a technology that provides visibility into the build system, including thwarting malicious behavior, with minimal disruption.

AiThority: The 3 Building Blocks to Make AI Accessible

With this visibility, Cimon can inspect network connections to learn standard behaviors by running processes and file modifications within the CI pipeline. This knowledge enables Cimon to detect and prevent abnormalities, including real-time threats and zero-day attacks.

“There is a great deal of confusion about the scope of the software supply chain and all the attack vectors; consequently, most organizations are unaware of their exposure and are inadequately protected, leaving them prone to supply chain attacks. The innovation delivered by the Cycode Cimon solution provides the community with a new and straightforward way to monitor and safeguard their CI/CD software pipelines,” said Jim Mercer, Research Vice President of DevOps and DevSecOps at IDC.

Latest Insights: Why Only AI and Data Analytics Can Stop Financial Criminals

With Cimon, organizations can expect:

• Prevention of CI Attacks: With low effort and seamless integration, users remain protected against all possible attacks on the CI pipeline, including zero-day attacks.
• Instant Threat Detection: Cimon prevents attacks such as malicious package installation, typosquatting, repojacking, dependency confusion, dependency hijacking and other dependency attacks.
• Easy Integration: Cimon is developer friendly and is easily integrated with popular CI/CD tools. Cimon provides comprehensive documentation and requires minimal configuration and integration with the development environment, such as GitHub.

“Organizations can easily integrate Cimon with all their CI/CD tools for free and secure their pipelines without any delay or errors,” said Ronen Slavin, co-founder and CTO of Cycode. “As Cimon saves time in vulnerability and threat response procedures, teams can implement and adopt security measures without any worry of error or exhaustion.”

Read: How AI NFTs Are Unlocking the Democratization of the Digital Economy

[To share your insights with us, please write to sghosh@martechseries.com]

The post Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Software Supply Chain Attacks appeared first on AiThority.

The post DSO National Laboratories Collaborates with Red Hat to Advance DSO’s Defense Research and Development Efforts appeared first on AiThority.

Alpha Omega announced a new SBA Mentor-Protégé program partnership with OneZero Solutions. This strategic alliance between two emerging powerhouse solution providers in the Federal sector will be codified via OneOmega LLC, a SDVOSB and 8a-certified entity. OneOmega will support federal customers in pursuit of meaningful new Cybersecurity, DevSecOps, Digital Transformation, and AI opportunities. The JV solidifies the organizations’ combined service-minded approach and commitment to employing veterans and a diverse workforce. OneOmega will leverage the incredible leadership and some of government contracting’s fastest growth trajectories to provide purposeful solutions to its Federal Agency partners.

Alpha Omega has grown to over $130 million in annual revenue since its founding seven years ago. Winning $468 million in new contracts and increasing staff by 49% last year, Alpha Omega specializes in DevSecOps, AI-driven automation, and Cybersecurity. OneZero Solutions is a Veteran-Driven Cybersecurity, Information Technology, and Information Assurance Company in support of federal government organizations that was ranked the 4th fastest growing IT Services company in America by INC Magazine.

Read More: How ChatGPT Will Transform Customer Service

“The OneOmega JV offers our federal customers a new vehicle for delivery of digital transformation solutions and cybersecurity,” said Alpha Omega CEO Gautam Ijoor. “Creating opportunities for agile solutions, continuous improvement and innovative offerings are all ways we are listening to our customers, responding, and driving mission success.”

OneZero Solutions CEO Al Sowers said, “We couldn’t be happier about this strategic partnership with Alpha Omega. They have proven to be a very successful solution provider, and our ability to learn and align OneZero with such a strong company is extremely valuable. We look forward to working alongside and learning from Alpha Omega’s leadership team and are very excited about this strategic partnership and what the future holds for our two companies.”

Latest Insights: The Metaverse as the Great Diversity Experiment

[To share your insights with us, please write to sghosh@martechseries.com]

The post New Joint Venture OneOmega LLC To Deliver Mission-Aligned Digital Transformation, AI and Cybersecurity appeared first on AiThority.

Aviatrix, the pioneer of Secure Cloud Networking,announced the immediate availability of its Distributed Cloud Firewall, redefining network security for cloud.

The Distributed Cloud Firewall distributes both inspection and policy enforcement into the natural path of application traffic, eliminating the need to redirect traffic to centralized firewalls or other network security services. A centralized programmable interface creates and pushes policies wherever required across any multicloud environment. Cloud aware policy creation is simpler and streamlined, leveraging dynamic cloud workload identity tags and attributes instead of static IP addresses, and abstracts how and where policies are enforced by programmatically configuring native cloud services where required. The Distributed Cloud Firewall dramatically improves network security scalability, operational simplicity, agility, and costs for any single or multicloud environment.

Recommended: AiThority Interview with Dorian Selz, Co-Founder & CEO at Squirro

“This is more cloud native than native cloud firewalls. It’s a game changer for us,” said Jason Simpson, Vice President of Engineering at Choice Hotels. “Aviatrix has flipped the equation for network security in the cloud by distributing the inspection and enforcement throughout the cloud network to where the traffic naturally flows, rather than forcing traffic redirection to centralized inspection points. Aviatrix’s policy creation interface is novel and built for cloud, it abstracts multicloud differences and uses cloud native tags and attributes to define policies.”

Reinventing the Firewall for the Zero-Trust, Perimeterless Cloud

Modern cloud application workloads are containerized and ephemeral. They are designed for direct to internet and service mesh network connections. They require elastic scale and rely on native cloud platform-as-a-service (PaaS) services and API gateways, which break both traditional centralized and agent-based network security approaches in the cloud. Further, from a policy creation perspective, security teams can no longer define policies based on IP addresses because IP addresses constantly change in these dynamic application environments. Cloud infrastructure delivery must shift to the rapid release cycles embraced by applications teams, including DevSecOps automation and CI/CD pipelines. The primary reason enterprises migrated to cloud in the first place was to reduce traditional on-premises infrastructure deployment time from weeks/months to minutes/hours in the cloud. The traditional hardware appliance operational model, born for on-premises data center era architecture, is not feasible to meet the software-defined agility expectations of cloud.

What’s needed is a new approach – one with an architecture built from the ground up to support a cloud operational model and agile, perimeterless cloud environment – a distributed cloud firewall.

“Aviatrix’s Distributed Cloud Firewall is a new category of network security, built from the ground up for cloud,” said Scott Raynovich, Founder and Principal Analyst at Futuriom. “Applications drive infrastructure, and the applications in the cloud are driving the need to redefine how we implement network security. Today’s firewalls were designed for the on-prem perimeter, as a choke point to inspect traffic and deliver network security. In comparison, the cloud is perimeterless, and must therefore take a different approach for network security. The optimal way to achieve this is to distribute security by embedding it into the fabric of the entire cloud network, to do security everywhere.”

The Requirements to be a Distributed Cloud Firewall
A distributed cloud firewall is modern network security done right for cloud, delivering enterprises what they need to secure the cloud. A distributed cloud firewall has unique requirements:

• Distributed Enforcement Embedded into Natural Cloud Traffic Flow – It sees everything; it’s not bolted on. Inspection and policy enforcement is embedded into the native cloud infrastructure and natural application communication flows, so all traffic is seen, and traffic does not have to be redirected to centralized inspection points, eliminating bottlenecks and automatically scaling with application environments.
• Centralized Policy Creation – Cloud aware policy creation abstracts how and where policies are enforced using dynamic cloud native application workload identity tags and attributes, instead of static IP addresses, through a single, programmable interface that pushes policies where required across any multicloud environment.
• Cloud Operational Model – Enterprise owned and operated, it must deliver full visibility and control, elastic auto-scaling to match application requirements, be fully programmable with industry standard infrastructure as code automation, and included in DevSecOps CI/CD pipelines.

AiThority: AiThority Interview with James Rubin, Product Manager at Google

• Native Cloud Network and Security Orchestration Consistent Across Multicloud Environments – It supports native cloud APIs for both cloud network and cloud security orchestration to abstract underlying cloud infrastructure complexities, create consistency across cloud service providers, and avoid conflicts between networking and security configurations.
• Advanced Security Services Consolidation – More than basic firewalling, it supports microsegmentation, network isolation, automated threat detection and mitigation, anomaly detection, vulnerability scanning, cloud workload risk scoring, L7 decryption and inspection, full traffic visibility and audit reporting. Solutions must maintain a separation of networking and security duties through role-based access control, all embedded into native cloud infrastructure and operations.

“It’s time to reinvent network security, again,” said Steve Mullaney, President and CEO at Aviatrix. “Bolting on-prem firewalls onto a cloud network and trying to steer traffic to them is not effective for cloud, it’s just not how the cloud operates. The cloud is perimeterless, agile, dynamic, and scale-out by design. Network security must follow – it must be distributed and embedded into the network to deliver a true zero-trust, agile environment. Aviatrix’s Distributed Cloud Firewall is going to dramatically change the cloud security game for our customers and save them a lot of money in the process.”

Read: AiThority Interview with Sumeet Arora, Chief Development Officer at ThoughtSpot

[To share your insights with us, please write to sghosh@martechseries.com]

The post Aviatrix Delivers Industry’s First Distributed Cloud Firewall appeared first on AiThority.

 GitLab the most comprehensive, scalable enterprise DevSecOps platform for software innovation, and Google Cloud announced an extension of its strategic partnership to deliver secure AI offerings to the enterprise.

GitLab is trusted by more than 50% of the Fortune 100 to secure and protect their most valuable assets, and leads with a privacy-first approach to AI. By leveraging Google Cloud’s customizable foundation models and open generative AI infrastructure, GitLab will provide customers with AI-assisted features directly within the enterprise DevSecOps platform.

Latest Insights: NVIDIA Introduces NeMo Guardrails to Enable Safety & Security for LLMs

GitLab is working with Google Cloud because of its strong commitment to privacy and enterprise readiness, and its leadership in AI. With generative AI support in Vertex AI, GitLab can tune Google’s foundation models with their own data, and leverage these models to deliver new generative AI powered experiences. Google Cloud allows customers to control their data with enterprise-grade capabilities such as data isolation, data protection, sovereignty, and compliance support.

With Vertex AI, and leveraging the Built with Google Cloud AI program, GitLab will be able to leverage Google’s foundation models to provide customers with AI-powered offerings within its cloud infrastructure. This allows GitLab to maintain its commitment to protecting user privacy by containing customer intellectual property and source code within GitLab’s cloud infrastructure.

GitLab plans to improve its customers’ DevSecOps workflow efficiency by 10x, by applying AI-assisted workflows to all users involved in delivering software value. By implementing AI-powered capabilities throughout the software development lifecycle, GitLab delivers value across the enterprise, enabling faster business transformation, without sacrificing security or privacy.

This first experimental feature leveraging Google Cloud’s generative AI models is called Explain this Vulnerability. This capability empowers companies to make security a cross-organizational effort, by providing users with a natural language description of vulnerabilities found in their code and a recommendation for how to resolve them at the time of detection. Explain this Vulnerability can be used by developers, as well as security and operations teams, allowing customers to stay secure while remaining efficient and improving speed to delivery.

Recommended: AiThority Interview with Mary-Lou Smulders, Chief Marketing Officer at Dedrone

Explain this Vulnerability joins GitLab’s experimental-level features such as Explain this Code, Summarize Issue Comments, and Summarize Merge Request Changes, and its existing AI-enabled features, Code Suggestions, and Suggested Reviewers, which are focused on driving developer productivity beyond code development, and improving workflow automation for all users throughout the software development lifecycle.

GitLab’s 2023 DevSecOps Report: Security Without Sacrifices found that developers are increasingly using AI for testing and security – with 62% of developers using AI/ML to check code, up from 51% in 2022. Additionally, 36% of developers use AI/ML for code review, up from 31% the previous year. GitLab is focused on creating privacy-first solutions that enable enterprises and other highly regulated organizations to adopt AI/ML throughout the software development lifecycle.

Latest Insights: Data Annotation as the Key to Military Mastery and National Security

[To share your insights with us, please write to sghosh@martechseries.com]

The post GitLab and Google Cloud Partner to Expand AI-Assisted Capabilities with Customizable Gen AI Foundation Models appeared first on AiThority.