SmartBear announced AI enhancements for API testing, UI test automation, and test management across its product suite, the SmartBear Application Integrity Core™.
Security and Privacy Risks: Top AI Concern for DevOps
February 27, 2026
While AI is rapidly reshaping roles in DevOps, most enterprises struggle with governance, according to new research from Enterprise Management Associates (EMA) and DEVOPSdigest.
62% of the IT leaders surveyed cited security and privacy risks as their top concerns, according to the report AI in DevOps: Adoption Outpaces Governance and Changes the Role of the Developer.
AI ROI Tracked in Engineering Teams with Emphasis on People and Process
Organizations primarily measure ROI through code quality and defect reduction (70%) and developer productivity (62%), with fewer tying AI benefits to release velocity or business outcomes — indicating ROI is still framed mostly in engineering terms rather than enterprise value. However, realized outcomes from the survey also indicated better people and processes through AI, including:
■ 62% higher developer satisfaction
■ 49% faster time to market
■ 43% faster onboarding with junior developers
■ 38% reduced toil in DevOps or pipeline tasks
Duality of Impact Reveals Governance Needs for AI in Continuous Software Quality
Despite widespread AI adoption, the research identifies substantial governance gaps. While AI development tools deliver measurable benefits, including improved test coverage (56%) and more consistent code formatting (55%), a range of concerns confirms the need for governance:
■ 52% report concerns about introducing security vulnerabilities, and 52% report concerns around code defects and bugs.
■ 69% of respondents were concerned about over-reliance on AI tools, while 61% expressed concerns about "blind faith" in AI results.
■ Over half of the respondents (57%) report a negative or neutral experience with an AI tool hurting their workflow, primarily due to inconsistent results in code quality and testing.
Vibe Coding Seen as Beneficial, But Quality and Control Risks Persist
51% of those surveyed actively use vibe coding for new features, and most see strong flow benefits — but nearly half stress the need for oversight by experienced developers to correct inefficiencies and avoid structural risks. While adoption remains strong with vibe coding, only 3% of those surveyed felt like it would reshape developer workflows.
Vibe coding's top benefits according to respondents
■ Enhancement of productivity (cited by 38%)
■ Helpful bridge to lower barriers for new or returning developers (cited by 33%)
■ Useful for business users and less relevant with developers (cited by 20%)
Control and Quality are the Top Challenges around Vibe Coding
■ Risk of poor quality or insecure code (54%)
■ Over-reliance on inexperienced developers (48%)
■ Lack of integration with existing DevOps/CI/CD pipelines (45%)
■ Limited control over generated architecture or design choices (44%)
■ Unclear IP ownership or generated applications (33%)
Enterprises' Investment Focuses on Closing Interoperability Gap, Addressing Tool Sprawl, and Orchestration Challenges and Opportunities
"Beyond security risks, the biggest barriers to AI in DevOps are tool sprawl, interoperability gaps, and the difficulty of orchestrating AI assistants across workflows," said Dan Twing, President and COO of EMA. "Without unified governance and vendor ecosystems that simplify integration, AI expansion will remain fragmented — limiting both scalability and return on investment."
Key Factors that lead to these conclusions include:
■ 48% "Strongly supportive" and 27% "Somewhat supportive" of using non-approved tools. Demonstrates decentralized experimentation and fragmented control leading to tool sprawl and lack of centralized control.
■ 45% cite security concerns, 32% IP protection, and 25% vendor conflict when it comes to why organizations are blocking AI usage, which highlight integration and interoperability barriers during production rollout.
Survey respondents listed the top improvements they want with their AI-powered development workflows
■ 55% indicated a need for real-time vulnerability detection
■ 53% wanted automated test generation
■ 46% enhanced DevOps pipeline orchestration
■ 46% wanted AI assisted performance testing or environment simulation
Methodology: The research is based on a survey of 206 IT executives and technical leaders.
Industry News
March 31, 2026
JFrog announced its partnership with iZeno Pte Ltd, a Singapore-headquartered enterprise technology solutions provider.
March 30, 2026
Red Hat announced an expanded collaboration with Google Cloud to help organizations accelerate application modernization and cloud migrations.
March 30, 2026
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the contribution of SQLMesh, an open source data transformation framework, to the Foundation by Fivetran.
March 26, 2026
Check Point® Software Technologies Ltd. released the AI Factory Security Architecture Blueprint — a comprehensive, vendor-tested reference architecture for securing private AI infrastructure from the hardware layer to the application layer.
March 26, 2026
CMD+CTRL Security won the following awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine: Most Innovative Cybersecurity Training and Pioneering Secure Coding: Developer Upskilling.
March 25, 2026
Check Point® Software Technologies Ltd. announced the Check Point AI Defense Plane, a unified AI security control plane designed to help enterprises govern how AI is connected, deployed, and operated across the business.
March 25, 2026
Oracle announced the latest updates to Oracle AI Agent Studio for Fusion Applications, a complete development platform for building, connecting, and running AI automation and agentic applications.
March 25, 2026
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced that Istio has launched a host of new features designed to meet the rising needs of modern, AI-driven infrastructure while reducing operational complexity.
March 25, 2026
Chainguard announced Chainguard Repository, a single Chainguard-managed experience for pulling secure-by-default open source containers, dependencies, OS packages, virtual machine images, CI/CD workflows, and agent skills that have built-in, intelligent policies to enforce enterprise security standards.
March 24, 2026
Backslash Security announced new cross-product support for agentic AI Skills within its platform, enabling organizations to discover, assess, and apply security guardrails to Skills used across AI-native software development environments.
March 24, 2026
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of Kyverno, a Kubernetes-native policy engine that enables organizations to define, manage and enforce policy-as-code across cloud native environments.
March 24, 2026
Zero Networks announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters.
March 24, 2026
Apiiro announced AI Threat Modeling, a new capability within Apiiro Guardian Agent that automatically generates architecture-aware threat models to identify security and compliance risks before code exists.
March 23, 2026
GitLab released GitLab 18.10, making it easier and more affordable to use agentic AI capabilities across the entire software development lifecycle.
