Authors: Ashly Joseph, Jithu Paulose

Abstract:

The increased usage of cloud computing has revolutionized the IT landscape, but it has also raised new security concerns. DevSecOps emerged as a way for tackling these difficulties by integrating security into the software development process. However, the rising complexity and sophistication of cyber threats need more advanced solutions. This paper looks into the usage of artificial intelligence (AI) techniques in the DevSecOps framework to increase cloud security. This study uses quantitative and qualitative techniques to assess the usefulness of AI approaches such as machine learning, natural language processing, and deep learning in reducing security issues. This paper thoroughly examines the symbiotic relationship between AI and DevSecOps, concentrating on how AI may be seamlessly integrated into the continuous integration and continuous delivery (CI/CD) pipeline, automated security testing, and real-time monitoring methods. The findings emphasize AI's huge potential to improve threat detection, risk assessment, and incident response skills. Furthermore, the paper examines the implications and challenges of using AI in DevSecOps workflows, considering factors like as scalability, interpretability, and adaptability. This paper adds to a better understanding of AI's revolutionary role in cloud security and provides valuable insights for practitioners and scholars in the field.

Keywords: Cloud Security, DevSecOps, Artificial Intelligence, AI, Machine Learning, Natural Language Processing, NLP, cybersecurity, AI-driven Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 40

References:

[1] Leite, L., Rocha, C., Kon, F., Milojicic, D., & Meirelles, P. (2019, November 14). A Survey of DevOps Concepts and Challenges. ACM Computing Surveys, 52(6), 1–35. https://doi.org/10.1145/3359981
[2] Mishra, A., & Otaiwi, Z. (2020, November). DevOps and software quality: A systematic mapping. Computer Science Review, 38, 100308. https://doi.org/10.1016/j.cosrev.2020.100308
[3] Amaro, R., Pereira, R., & da Silva, M. M. (2023, February 1). Capabilities and Practices in DevOps: A Multivocal Literature Review. IEEE Transactions on Software Engineering, 49(2), 883–901. https://doi.org/10.1109/tse.2022.3166626
[4] Joseph, A. (2023). Demystifying Full-Stack Observability: Mastering Visibility, Insight, and Action in the Modern Digital Landscape. World Academy of Science, Engineering and Technology, Open Science Index 200, International Journal of Computer and Information Engineering, 17(8), 485 - 492.
[5] Sairam, U. (2018, March 31). A Survey on Challenges and Benefits towards the Adoption of DevOps Approach. International Journal for Research in Applied Science and Engineering Technology, 6(3), 1004–1009. https://doi.org/10.22214/ijraset.2018.3160
[6] Zhu, L., Bass, L., & Champlin-Scharff, G. (2016, May). DevOps and Its Practices. IEEE Software, 33(3), 32–34. https://doi.org/10.1109/ms.2016.81
[7] Hemon, A., Lyonnet, B., Rowe, F., & Fitzgerald, B. (2019, March 7). From Agile to DevOps: Smart Skills and Collaborations. Information Systems Frontiers, 22(4), 927–945. https://doi.org/10.1007/s10796-019-09905-1
[8] Masud, S. M. R. A., Masnun, M., Sultana, A., Sultana, A., Ahmed, F., & Begum, N. (2022). DevOps Enabled Agile: Combining Agile and DevOps Methodologies for Software Development. International Journal of Advanced Computer Science and Applications, 13(11). https://doi.org/10.14569/ijacsa.2022.0131131
[9] Joseph, A. (2023). A Holistic Framework for Unifying Data Security and Management in Modern Enterprises. World Academy of Science, Engineering and Technology, Open Science Index 202, International Journal of Social and Business Sciences, 17(10), 596 - 603.
[10] Simov, G. (1990, April). Artificial intelligence and intelligent systems: the implications. Information and Software Technology, 32(3), 229. https://doi.org/10.1016/0950-5849(90)90183-r
[11] M. C. Horowitz, G. C. Allen, E. Saravalle, A. Cho, K. Frederick, and P. Scharre, Artificial intelligence and international security. Center for a New American Security., 2018.
[12] Notaro, P., Cardoso, J., & Gerndt, M. (2021, November 30). A Survey of AIOps Methods for Failure Management. ACM Transactions on Intelligent Systems and Technology, 12(6), 1–45. https://doi.org/10.1145/3483424
[13] Xu, Z., Liu, W., Huang, J., Yang, C., Lu, J., & Tan, H. (2020, September 14). Artificial Intelligence for Securing IoT Services in Edge Computing: A Survey. Security and Communication Networks, 2020, 1–13. https://doi.org/10.1155/2020/8872586
[14] Camacho, N. G. (2024). Unlocking the Potential of AI/ML in DevSecOps: Effective Strategies and Optimal Practices. Journal of Artificial Intelligence General Science (JAIGS) ISSN:3006-4023, 2(1), 79-89. https://doi.org/10.60087/jaigs.v2i1.p89
[15] Shahin, M., Ali Babar, M., & Zhu, L. (2017). Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges and Practices. IEEE Access, 5, 3909–3943. https://doi.org/10.1109/access.2017.2685629
[16] Akbar, M. A., Smolander, K., Mahmood, S., & Alsanad, A. (2022, July). Toward successful DevSecOps in software development organizations: A decision-making framework. Information and Software Technology, 147, 106894. https://doi.org/10.1016/j.infsof.2022.106894
[17] Paulose, Jithu (2020). Innovative application of Additive Manufacturing in Biomedical Healthcare Technologies. International Journal of Advanced Research Trends in Engineering and Technology (IJARTET) Vol. 7, Issue 5.
[18] Erich, F. M. A., Amrit, C., & Daneva, M. (2017, June). A qualitative study of DevOps usage in practice. Journal of Software: Evolution and Process, 29(6). https://doi.org/10.1002/smr.1885
[19] Kumar, A., Nadeem, M., & Shameem, M. (2023, July 12). Machine learning based predictive modeling to effectively implement DevOps practices in software organizations. Automated Software Engineering, 30(2). https://doi.org/10.1007/s10515-023-00388-8
[20] Akbar, M. A., Khan, A. A., Islam, N., & Mahmood, S. (2023, September 13). DevOps project management success factors: A decision‐making framework. Software: Practice and Experience, 54(2), 257–280. https://doi.org/10.1002/spe.3269