Balancing AI Usage and Risk in 2025

The Global State of DevSecOps

AI is the most transformative challenge facing software development and security. AI tools and models are deeply embedded in the daily life of developers, and this presents a huge paradox. On the one hand, AI is seen as a powerful ally in improving software security. On the other hand, it’s seen as a significant new source of complex, scalable risk.

How can both be true? And what should you do about it?

Download the report now

') .insertBefore($(firstRow)); } else if($(".customMktoErrMsg .mktoErrorMsg").length == 0){ $(".customMktoErrMsg").html('
' + '
'); } formLoadingErrMsg = i18nData[locale].requiredConsentBoxErrorMsg; $(".customMktoErrMsg .mktoErrorMsg").text(formLoadingErrMsg); ctaSubmitElem.prop('disabled', false); ctaSubmitElem.text(ctaSubmitText); $('html, body').animate({ scrollTop: $(".snps-aem-mktoForm").offset().top }) } else if(vals["Country"] && vals["Country"] === 'Germany' && marketoFormName && marketoFormName.toLowerCase().indexOf("medium priority") > -1){ sendFormSuccessEvent() .then(result => { if (currentPagePath.indexOf("/content/black-duck") > -1) { url = "/content/black-duck/en-us/contact-sales/dede-thank-you.html"; } window.location.href = url; }); } else { sendFormSuccessEvent() .then(result => { if (typeof url == 'undefined' || url === '' || url == null) { url = window.location.pathname.substring(0, window.location.pathname.indexOf(".html")) + "/thankyou.html"; window.location.href = url; } else { if (url.indexOf("http") == 0) { window.location.href = url; } else if (url.indexOf("/") == 0) { window.location.pathname = url; } } }); } return false; }); //onSuccess form.addHiddenFields({ "hiddenLandingPageURL": window.location.href, // "wfi":"", "Last_Campaign_ID__c": "701Uh00000aTrnOIAS", "Last_Campaign_Name__c": "25_09_Global_RP_Global State of DevSecOps", "autoresponderID": "7598", //"hidden_leadsource": "", "Alert_Email__c": "49", "Lead_Source_Most_Recent__c": "Website" }); function appendDigitalDataObj(form) { var vals = form.vals(); // Get the form field values var formId = vals.formid; var templatePath = "\/conf\/synopsys\/settings\/wcm\/templates\/sig\u002Dcontent\u002Dpage\u002Dtemplate"; var formDetailsObj = { "type": templatePath.length > 0 ? templatePath.split('/').pop() : '', "name": "SIG \u002D Medium Priority Web", "id": formId } if (typeof digitalData != "undefined") { digitalData.page["form_details"] = formDetailsObj; } } }); var checkFlag = true; $("body").keyup(".mktoLabel input", function (e) { e.preventDefault(); if (checkFlag == true) { window.adobeDataLayer = window.adobeDataLayer || []; window.adobeDataLayer.push({ event: "formInitiation", web: { webPageDetails: { URL: window.location.href, name: 'SIG \u002D Medium Priority Web', }, }, _softwareintegritygroupinc: { forms: { formName: 'Download the report now', formType: 'SIG \u002D Medium Priority Web', formInitiations: { value: 1, }, }, }, }); } checkFlag = false; return true; });
Balancing AI Usage and Risk in 2025: The Global State of DevSecOps report cover

Download our report now to learn how to reconcile this apparent contradiction.

Also in the report:

 

  • Why a flood of useless information is destroying the ROI of security investments
  • Why security practices are dangerously immature in many organizations
  • Why "shadow AI" is a significant problem
  • Why it's time to stop buying new tools and start optimizing the ones you have
  • What you can do about these issues to implement AI with confidence