A survey of 3,266 DevSecOps professionals finds more than three-quarters (76%) said they believe that as artificial intelligence (AI) makes it easier to create code, there will be a need for more rather than fewer software engineers to manage and deploy software.
Conducted by Harris Poll on behalf of GitLab, the survey finds nearly all (97%) are using or planning to use AI to automate software development lifecycle (SDLC) tasks. A full 87% also said they believe that software engineers who adopt AI are future-proofing their careers, with 83% expecting AI to significantly change their roles within the next five years. A total of 85% agreed that agentic AI will be most successful when implemented using a platform engineering approach to software development.
A full 88% also said there are essential human qualities, such as creativity and innovation, that agentic AI will never fully replace.
Nearly half (49%) also report they are already using more than five AI tools and 87% wish their organizations invested more in helping them upskill.
However, only 37% would trust AI to handle daily work tasks without human review and nearly three-quarters (73%) have experienced problems with code created by someone using natural language prompts without understanding how code works, also known as vibecoding.
A total of 70% also noted that AI is making compliance management more challenging for their organizations, with 43% expecting that implementing AI for security/compliance will be a top skill required for their career. At the same time, 82% predict compliance will be built into code and automatically applied by 2027. More than three-quarters (76%) said that currently, more compliance issues are discovered after deployment than during the development process
Emilio Salvador, vice president of strategy and developer relations at GitLab, said it’s apparent that many organizations will need to revisit how they build and deploy software in the age of AI. The core issue is that AI amplifies the good, the bad and the ugly, which makes adopting best DevSecOps practices more crucial than ever, he added.
Overall, the survey finds 82% or organizations now deploy software into a production environment at least weekly, with 60% working with more than five tools. However, the survey also noted that DevSecOps professionals lose seven hours per week to inefficient processes, caused mainly by collaboration barriers such as a lack of cross-functional communication, limited knowledge sharing, and different tools used across teams.
The survey makes it clear that AI has been pervasively adopted across the SDLC, but at the same time, confidence in the output of these tools is declining, said Salvador. Organizations are more aware of both the number of vulnerabilities being generated by these tools and the amount of technical debt being created because of how difficult it is to debug code generated by an AI tool, he added.
The challenge and the opportunity now is to determine how to take advantage of the best that AI enables in a way that minimizes the potential downside that gets created when DevOps teams rely too much on these tools to build and deploy software.
