AI and DevSecOps : Empowering the Workforce
0 Comments

Team Wabbi

March 26, 2025

AI and DevSecOps: Empowering the Workforce 

The cybersecurity industry is at a pivotal moment, facing a confluence of challenges, from a growing talent shortage to the increasing complexity of threats. Artificial Intelligence (AI) has emerged as both a solution and a risk, offering the potential to enhance efficiency while introducing new security concerns. To harness AI’s benefits effectively, it must be implemented with caution and proper security measures, all while bridging the gap between security and development. Wabbi’s CEO & Founder, Brittany Greenfield had the chance to discuss the impact of AI in DevSecOps recently on the Strategy Next podcast – and here we dive more deeply into her discussion.  

AI’s Role in Cybersecurity: A Double-Edged Sword 

AI has the power to revolutionize cybersecurity operations by enhancing productivity and efficiency. However, as Greenfield noted, “It gets to productivity and efficiency. I don’t think we know yet because for all the good, it also introduces bad.” AI can automate routine tasks, allowing security professionals to focus on strategic initiatives. Yet, its misuse or improper implementation can create vulnerabilities that attackers may exploit. 

Greenfield explained, “What AI helps – and this is a broader technology statement – is it takes away the manual work, the menial work that humans aren’t good at. Humans like to problem solve. We’ve seen this already with robotics.” This underscores AI’s potential to free cybersecurity professionals from repetitive tasks, enabling them to focus on higher-value problem-solving and risk mitigation. 

However, AI should not be viewed as a replacement for human expertise. Greenfield emphasized, “We do have to secure it first before we can really start using it.” Without robust security measures, AI can introduce as many risks as it mitigates. 

Work in SecDevOps

The Cybersecurity Talent Shortage and the Need for Integration 

The cybersecurity industry faces a significant skills gap, with an estimated 3 million unfilled positions globally. While automation and AI can alleviate some of the workload, they do not replace the need for skilled professionals. Greenfield highlighted this challenge, stating, “And while there’s been this focus on giving developers more autonomy, they’re still not cybersecurity professionals.” 

The key to solving this issue lies in better integration between security and development teams. Organizations must adopt solutions that allow security to be embedded into development workflows rather than treated as a separate function. Best in class organizations do this by enabling security and development teams to work collaboratively, improving efficiency without sacrificing security. 

Greenfield shared an example of a client who leveraged automation to shift their workload from being “75% manual to 25% manual, but more importantly, that 25% manual is now strategic. Now, they get to partner with the development teams and help them problem solve.” This transformation not only reduces burnout among security professionals but also enhances the overall security posture of an organization. 

Work in SecDevOps

Striking the Right Balance 

 4 ways to implement AI in DevSecOps to reduce workforce burden and improve security efficiency: 

  • AI-Enhanced Collaboration Between Security & Development – AI can bridge the gap between security and development by providing real-time insights, automated risk assessments, and contextualized remediation guidance—making security a shared responsibility, not a bottleneck. 
  • Automated Code Security Analysis – AI-driven SAST, DAST, and SCA tools can identify vulnerabilities faster, provide contextual remediation guidance, and even auto-fix issues—freeing up developers to focus on innovation. 
  • Intelligent Risk Management – AI can streamline compliance by mapping security controls to frameworks, automating evidence collection, and continuously monitoring for non-compliance—reducing manual audit headaches. 
  • Adaptive Security Policies – AI can dynamically adjust security testing based on risk factors and and changes in the application, reducing the need for human intervention.

Proceed, with Caution 

AI has the potential to transform DevSecOps, but it must be implemented carefully and strategically. As the industry grapples with a talent shortage and evolving threats, a balanced approach—leveraging AI for efficiency while maintaining strong human oversight—will be essential. By prioritizing security, fostering collaboration, and investing in both automation and expertise, organizations can build a more resilient DevSecOps infrastructure for the future. 

Listen to Wabbi CEO & Founder Brittany discuss this and more on the podcast Strategy Next.

It gets to productivity and efficiency. I don’t think we know yet because for all the good, it also introduces bad.”

Brittany Greenfield, Wabbi
Subscribe to stay
Stay up to date on the latest in cyber security and how you should be protected.
Connected
Privacy Policy
Subscribe to stay
Stay up to date on the latest in cyber security and how you should be protected.
Connected
Privacy Policy
Learn how our solutions can streamline your Application Security program.
Get Insights on AppSec Orchestration
Privacy Policy
Learn how our ASPM program can streamline your application security.
Get Insights on ASPM SOLUTIONS
Privacy Policy
Learn how our DevSecOps program can integrate security into your development.
Get Insights on DevSecOps Solutions
Privacy Policy