A survey of 206 IT leaders and executives finds that, with the rise of artificial intelligence (AI) coding tools, more application development teams are devoting more time to reviewing rather than writing code.

Conducted by Enterprise Management Associates (EMA) on behalf of Perforce, the survey finds 57% of developers now spend more time on code review, standards, and quality oversight, while 53% report greater involvement in security, policy and compliance responsibilities. Additionally, more than half (52%) now dedicate increased time to validating the output generated by AI coding tools.

Jake Hookom, executive vice president of products at Perforce, said that in part more focus is being put on these tasks to compensate for some of the limitations of AI coding tools. In addition to generating vulnerabilities, many of these tools are generating verbose amounts of code that both adversely impacts application performance and increases the overall amount of technical debt that might need to be later addressed.

At the same time, 62% of survey respondents identified security and privacy risks as their top concern when teams rely on AI tools to write code. More than half (52%) have concerns about introducing security vulnerabilities, and 52% report concerns around code defects and bugs.

More than two-thirds of respondents were concerned about overreliance on AI tools, while 61% expressed concerns about “blind faith” in AI results.

Over half of the respondents (57%) report a negative or neutral experience with an AI tool hurting their workflow, primarily due to inconsistent results in code quality and testing. Overall, organizations are justifying investments in AI coding tools by tracking code quality and defect reduction (70%) and developer productivity (62%).

On the plus side, primary benefits cited by survey respondents include higher developer satisfaction (62%), followed by faster time to market (49%), faster onboarding with junior developers (43%) and reduced toil in DevOps or pipeline tasks (38%). More than half also cited improved test coverage (56%) and more consistent code formatting (55%).

More than half (51%) report developers are actively using vibe coding tools to build but only 3% of those surveyed felt like it would reshape developer workflows. Top vibecoding benefits include enhancement of productivity (38%) and lower barriers for new or returning developers (33%),

Top challenges, however, include risk of poor quality or insecure code (54%), overreliance on inexperienced developers (48%), lack of integration with existing DevOps pipelines (45%), limited control over generated architecture or design choices (44%) and unclear ownership of AI generated applications (33%).

Overall, the survey suggests that as organizations continue to rely more on AI coding tools to generate code, many despite their concerns have yet to re-engineer existing DevOps workflows as a result, said Hookom.

Specific areas where there is room for improvement include real-time vulnerability detection (55%), automated test generation (53%), enhanced DevOps pipeline orchestration (46%) and AI assisted performance testing or environment simulation (46%).

Nevertheless, most respondents are either strongly supportive (48%) or somewhat supportive of using non-approved tools. However, when AI coding tools are blocked it is most often because of security concerns (45%), protection of intellectual property (32%) and vendor conflicts (25%).

It’s still early days so far as adoption of AI is concerned but the one thing that is apparent is that at this point it’s not a question of whether to use AI but rather how far to take it.