By Prashanth Nanjundappa
DevSecOps has evolved rapidly over the past decade. What began as a niche practice for seamlessly integrating security into agile development workflows has become integral to modern software engineering. Automation through extensive scripting and infrastructure-as-code has enabled teams to consistently ship secure code at speed.
Two technological innovations can enhance collaboration and amplify human-led processes – Generative AI and ClickOps platforms. Augmenting professionals across the lifecycle can enable understaffed teams to achieve more while improving security.
Using generative AI to enhance DevSecOps
Generative AI tools, such as GitHub Copilot and Codex, leverage large pre-trained language models to generate code and documentation automatically. A Gartner forecast predicts that by 2026, over 80 per cent of the companies will have either incorporated generative AI capabilities through application programming interfaces (APIs) or deployed applications powered by generative AI algorithms. It promises faster delivery, reduced costs and built-in security.
In the DevSecOps domain, generative AI is still an emerging technology that needs to be improved before it is ready. Unlike the consumer market and content marketplace, where the output quality has reached an acceptable level, DevSecOps requires high-accuracy output to be executed on mission-critical systems. GenAI systems are great at creating cool demos but need help producing high-accuracy and dependable code.
While this may seem to be a pessimistic point of view, this is a launch point for DevSecOps practitioners. We have already seen early adopters using GenAI systems in their SDLC process. I see a broader acceptance of GenAI output in 2024 as a code delivery vehicle from a developer who is augmented to their DevSecOps team. This alone will result in a significant productivity improvement. GenAI will not necessarily replace developers but rather amplify teams’ productivity. 2024 will be the year for GenAI to take off its training wheels in this space.
Democratising DevSecOps with ClickOps
ClickOps uses no-code/low-code development platforms to build and manage enterprise apps, automation, digital solutions and IT processes. It involves assembling reusable components through intuitive click-based interfaces instead of complex coding, allowing anyone to meet development demands without the deep technical skills required for DevSecOps.
The infrastructure-as-code or ClickOps platforms have revolutionised the integration of software development life cycle (SDLC) practices into IT infrastructure monitoring and management. It has enhanced productivity, agility and delivery of DevSecOps by complementing existing coding investments with quicker time-to-value. According to Gartner research, the percentage of applications using low-code or no-code development will leap from under 25 per cent in 2020 to 70 per cent by 2025, displaying the rapid growth in adoption of these simplified coding platforms, such as Appian, Zoho Creator and Webflow.
ClickOps platforms are also known to solve the challenges around skill gaps and talent shortages as ClickOps democratises the DevSecOps capabilities beyond specialised coding teams. In fact, by 2024, over 80 per cent of IT products and services will be developed by non-IT professionals, with over 65 per cent using low-code/no-code tools. The ClickOps solutions offer an important bridge – UI-based workflows and templatised automation for the most common scenarios, including scaling and customising IT infrastructures. It also allows the flexibility to switch back to the as-a-code approach for solving complex and exceptional cases. The ClickOps trend will observe more acceptability in 2024 and receive more coverage for click-based workflows and automatable scenarios.
Gaining the benefits in 2024
While still nascent, generative AI and no-code ClickOps solutions show immense promise for augmenting and spreading DevSecOps capabilities more widely in 2024, enabling enhanced delivery, security and scalability across critical systems. It will also demand trust, transparency and change management in the organisations.
The author is VP, product development, Progress
Follow us on Twitter, Facebook, LinkedIn