版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
GartnerResearch
Predicts2024:AI
&Cybersecurity—TurningDisruptionIntoanOpportunity
JeremyD’Hoinne,AvivahLitan,NaderHenein,MarkHorvath,AkifKhan,RobertsonPimentel,BartWillem-sen,DennisXu,WilliamDupre
4December2023
Gartner
Predicts2024:AI&Cybersecurity—TurningDisruptionIntoanOpportunity
Published4December2023-IDG00800663-27minread
ByAnalyst(s):JeremyD'Hoinne,AvivahLitan,NaderHenein,MarkHorvath,AkifKhan,RobertsonPimentel,BartWillemsen,DennisXu,WilliamDupre
Initiatives:CyberRisk;MeetDailyCybersecurityNeeds
GartnerpredictsthatAIwilldurablydisruptcybersecurityin
positiveways,butalsocreatemanyshort-termdisillusions.
Securityandriskmanagementleadersneedtoacceptthat2023wasonlythestarterforgenerativeAI,andprepareforits
evolutions.
Overview
KeyFindings
■GenerativeAI(GenAI)isthelatesttechnologyinalonglineofproclaimeddisruptivetechnologiespromisingtofulfilltheongoingdesirefororganizationstodrasticallyincreaseproductivitymetricsforallteamsviaautomationoftasks.
■Today,mostGenAIfunctionsbuiltintosecurityproductsarefocusedonadding
naturallanguageinterfacestoexistingproductstoimproveefficiencyandusability,butpromisesoffullautomationstarttoappear.Pastattemptstofullyautomate
complexsecurityactivities,includingusingmachinelearningtechniques,haverarelybeenentirelysuccessfulandcanbeawastefuldistractiontoday,andwithshort-termdisillusions.
■GenAIisatpeakhype,drivingveryaggressivepredictionsbasedonthestateofthetechnologytoday.Thisleadstounrealisticdisruptionclaims,butalsoignoresnextstepsinGenAIevolution,suchasmultimodalmodelsandcompositeAI.
■TheinitialforaysbycybersecurityvendorsintogenerativeAIofferonlyalimited
glimpseofthetechnology'spromiseandmightnotbethebestindicationofwhatthefuturecouldbe.
Gartner,Inc.|G00800663Page1of23
Recommendations
Securityandriskmanagement(SRM)leadersinchargeofdevelopingcybersecurityroadmapshould:
■ConstructamultiyearapproachforprogressivelyintegratingGenAIfeaturesand
productswhentheyaugmentsecurityworkflows.Startwithapplicationsecurityandsecurityoperations.
■EvaluateefficiencygainsintandemwiththecostofGenAIimplementations,and
refineyourdetectionandproductivitymetricstoaccountfornewGenAIcybersecurityfeatures.
■PrioritizeinvestmentsinAIaugmentationoftheworkforce,notjusttaskautomation.Prepareforshort-termincreasedspendandlong-termskillrequirementschanges
duetoGenAI.MonitorpotentialshiftinattacksuccessduetoGenAI.
■Accountforpotentialprivacychallengesandbalanceexpectedbenefits,withrisksassociatedwithcumulativecostinthevaluationoflarge-scaleGenAIadoptioninsecurity.
StrategicPlanningAssumptions
By2028,multiagentAIinthreatdetectionandincidentresponsewillrisefrom5%to70%ofAIimplementationstoprimarilyaugment,notreplacestaff.
Through2025,generativeAIwillcauseaspikeofcybersecurityresourcesrequiredto
secureit,causingmorethana15%incrementalspendonapplicationanddatasecurity.
By2026,40%ofdevelopmentorganizationswillusetheAI-basedautoremediationofinsecurecodefromASTvendorsasadefault,upfromlessthan5%in2023.
By2026,attacksusingAI-generateddeepfakesonfacebiometricswillmeanthat30%ofenterpriseswillnolongerconsidersuchidentityverificationandauthenticationsolutionstobereliableinisolation.
By2028,theadoptionofgenerativeaugmentswillcollapsetheskillsgap,removingtheneedforspecializededucationfrom50%ofentry-levelcybersecuritypositions.
Gartner,Inc.|G00800663Page2of23
Analysis
WhatYouNeedtoKnow
PredictionsarestatementsofGartner’spositionsandactionableadviceaboutthefuture.ThisresearchhighlightsGartnerPredictsrelevantforsecurityandriskmanagement
leaderswhohavetonavigateaggressiveclaimsthatGenAIisdisruptingcybersecurity.
Pastexperiencesleadtoskepticismgivenprevious“AIwashing,”whichcausedexpensiveinvestmentsthatdidn’tdeliverexpectedresults.
In4WaysGenerativeAIWillImpactCISOsandTheirTeams,Gartnergivesrecommendationsonareasofimmediatefocusforsecurityleaders:
■ManagetheconsumptionofhostedandembeddedGenAIapplications.
■UpdateapplicationsecuritypracticestoAIapplications,usingAItrust,riskandsecuritymanagement(AITRiSM)technologies.
■AssessthefirstwaveofGenAIannouncementsfromcybersecurityproviders,andputaplantointegratenewfeaturesandproductswhentheyaremoremature.
■AcknowledgethatmaliciousactorswillalsouseGenAIandbepreparedforunpredictablechangesinthethreatlandscape.
Excessivehypedamagesourperceptionoftimeandbalance,butroadmapplanningrequiresthatcybersecurityleadersfactorinallpossibilities,withoutastrongfactbasethatbalancescybersecurityrealitieswithGenAIhopesorpromises(seeFigure1).
Gartner,Inc.|G00800663Page3of23
Figure1:BalancingCybersecurityRealitywithGenAIHopes
Thecybersecurityindustryhaslongbeenobsessedwithfullyautomatedsolutions.ThehypesurroundingGenAIalreadyledtounrealisticpromises,potentiallydamagingthecredibilityoflonger-termimprovementscomingfromfuturefeaturesandproducts.
2023wastheyearofGenAIannouncements,2024shouldbetheyearofminimumviableproducts;2025mightbethefirstyearofGenAIintegrationinsecurityworkflowsdeliveringrealvalue.
AsstatedintheHypeCycleforGenerativeAI,2023,“Severalinnovationshaveafive-to10-yearperiodtomainstreamadoption.”Thisisthecasefor“autonomousagents”and
Gartnerbelievesthatcybersecurityleadersfocusingonhumanaugmentationwillachievebetterresultsthanthosejumpingtooquicklyonsolutionspromisingfullautomation.
Intheshorterterm,we’llobserveexpansionsofcybersecurityusecasesfromexperimentsofmultimodalGenAI(i.e.,learningfrommorethantextcontent)andwillimproveour
abilitytomeasureproductivitygains(seeInnovationInsight:MultimodalAIExplained).
Gartner,Inc.|G00800663Page4of23
StrategicPlanningAssumptions
StrategicPlanningAssumption:By2028,multiagentAIinthreatdetectionandincident
responsewillrisefrom5%to70%ofAIimplementationstoprimarilyaugment,notreplacestaff.
Analysisby:JeremyD’Hoinne,DennisXuKeyFindings:
■MorethanathirdofthefirstwaveofannouncementsonGenAIincybersecurityrelatetosecurityoperationactivities.Toutedcapabilitiesrangefrombasic
interactivehelppromptstonewdedicatedproductannouncementsaimedat
becomingtheprimaryinterfaceforincidentresponseandpostureassessments.
■Fullautomationofthreatdetection,alerttriageandincidentresponsesarethe“reachthemoon”objectivesofmanythreatdetection,investigationandresponse(TDIR)
initiatives.
■HistoryoftenrepeatsandGenAIsparksthesameoverly-optimistichopesforsecurityoperations,similartowhatunsupervisedmachinelearningdidforthreatdetection
morethanfiveyearsago.
■Conversely,teamswithahighermaturitymightimprudentlydismissgenerativecybersecurityAI,basedontheearlyandimmatureimplementationsoflarge
languagemodels(LLMs)intheformof“SOCassistants”prompts.
Near-TermFlag:
Through2024,lessthanathirdofgenerativecybersecurityAIimplementationwillleadtosecurityoperationproductivityimprovementsforenterprises,generatingmorespend.
By2026,theemergenceofnewapproaches,suchas“actiontransformers,”combinedwithmorematureGenAItechniqueswilldrivesemiautonomousplatformsthatwillsignificantlyaugmenttasksexecutedbycybersecurityteams.
MarketImplications:
Buildingstrongsecurityoperationsisdifficult,evenforlargerandwell-funded
organizations.Pickingtherightmixoftools,servicesandinternalstaffwillsufferif
cybersecurityteamsinvesttimeontoolsthatdon’tdelivertotheirpromiseofautomation.Gartner,Inc.|G00800663Page5of23
We'veobservedthispreviouslywhenimplementationsofunsupervisedmachinelearningforthreatdetectionpromisedtowipeoutfalsepositivesandenableautomatedresponse.Ittookyearsforthetoolstomature,andforsecurityoperationteamstotunethemand
narrowdownautomatedblockingtothefewusecaseswhereitworked.WithLLMstoday—andautonomousagents,multimodalandfoundationmodelsinthefuture—
organizationsfaceasimilarchallenge.EarlyclaimsofGenAIawesomenessdivert
expectationsfromincrementalimprovementsandteamaugmentationtolesslikelybigshiftsinautomation,skillrequirementsandstaffversustoolbalance.
Gartneranticipatesshort-termGenAIdisillusions,especiallyin
2024,whereexternalpressuretoincreasesecurityoperation
productivitywillcollidewithlowmaturityfeaturesandfragmentedworkflows.
Symptomsofill-preparedGenAIintegrationwillinclude:
■AbsenceofrelevantmetricstomeasureGenAIbenefits,combinedwithpremiumpricesforGenAIadd-ons.
■DifficultiestointegrateAIassistantsinexistingcollaborationworkflowwithinthesecurityoperationteams,orwhenpartneringwithathird-partysecurityoperationprovider.
■Quicklygrowing“promptfatigue:”toomanytoolsofferinginteractiveinterfacetoqueryaboutthreatsandincidents.
Withtime,newAIapproaches—combinedwithothernon-AItechniqueswhererelevant—mightbringsecurityoperationsclosertoautonomousdecisionsforidentifiedusecases.EmergingAItechniquessupportingthispromiseinclude:
■Multiagentsystems(MAS):TypeofAIsystemscomposedofmultiple,independentbutinteractiveagents.
■Actiontransformers:Modelsthatlearnfromhumanactions.
■Autonomousagents:Self-promptingagentsthatcantakeactionsbasedonLLMsrecipes.
Gartner,Inc.|G00800663Page6of23
Althoughthemythoffullyautomatedresponseandself-healingorganizationsmight
nevertrulyturnintoreality,Gartnerbelievesthatthecombinationofothertechniqueswithmultiagentapproacheswillhaveabigimpactonsecurityoperationsandsecurityin
general.Deploymentsaimedatbothaugmentinghumantasksandaddingprecisionandspeedtohumaninvestigationswillbemoreeffectivethansingle-techniqueAIanalyticsdrivingfullyautonomousresponses,suchasautomatedcontainmentfortheforeseeablefuture.
Recommendations:
■NavigatethechaosofnewlyannouncedGenAIfeaturesinsecurityproductsby
introducingbusinessvalue-drivenAIevaluationframeworks,whichmeasureimpactontangiblemetricssuchasspeed,accuracyandproductivity.
■RunGenAIpilotsprimarilyforincidentresponseandexposuremanagementusecasesthatarenotrealtimeinnature.Setrealisticshort-termobjectives,suchasfalsepositivereductionoropportunitiestoextendstaffrecruitmenttoslightlylessspecializedprofiles.
■Protectthesecurityoperationteamasmuchaspossiblefrommandatesoriginatingoutsideofthesecurityteamtofullyautomateresponseandvulnerabilitytreatmentprocess.Thiswillhelpavoidresistancewhenyouneedtoimplementpromising
GenAItechniqueslater.
■Belucidaboutsecurityproviders’strategytouseGenAIasaclaimeddifferentiatortopromotelargeplatformsleadingtovendorlock-in.
■Don’tneglectproviderevaluationrequirementstoaddressprivacy,copyright,traceabilityandexplainabilitychallenges.
RelatedResearch:
4WaysGenerativeAIWillImpactCISOsandTheirTeamsHypeCycleforArtificialIntelligence,2023
HypeCycleforGenerativeAI,2023
Busting4MythstoUnlockMoreCybersecurityValue
Gartner,Inc.|G00800663Page7of23
StrategicPlanningAssumption:Through2025,generativeAIwillcauseaspikeof
cybersecurityresourcesrequiredtosecureit,causingmorethana15%incrementalspendonapplicationanddatasecurity.
Analysisby:AvivahLitan,JeremyD’HoinneKeyFindings:
■GartnerresearchshowsthatmostenterpriseshavenotyetformalizedacceptableusepoliciesforGenAI,sosecurityandriskmanagersdonotyethaveaframeworkforinstitutingtechnicalcontrols.1
■Integratinglargelanguagemodels(LLMs)andothertypesofmodels,suchas
foundationmodelsinenterpriseapplications,bringnewrisksinthreecategories:contentanomalies,dataprotectionandAIapplicationsecurity.
■Almost90%ofenterprisesarestillresearchingorpilotingGenAI,andmostofthosehaveyettoputAITRiSM(trustriskandsecuritymanagement)technicalcontrolsorpoliciesinplace.
■VendorshostingGenAImodelsdonotalwaysprovideacompletesetofcontrolsthatmitigatetheserisks.Instead,usersneedtoacquiresolutionsthataugmenthostingvendors’limitedcontrols.
■ITleadersmustrelyonhostingLLMvendorswithprotectionoftheirdata,withouttheabilitytoverifytheirsecurityandprivacycontrols.
MarketImplications:
Theuseofthird-partyhostedLLMandGenAImodelsunlocksmanybenefits,butusers
alsomustcontendwithnewuniquerisks,requiringnewsecuritypracticesinthreeprimarycategories:
Gartner,Inc.|G00800663Page8of23
■Contentanomalydetection
■Unacceptableormalicioususe
■Unmanagedenterprisecontenttransmittedthroughpromptsorothermethods,resultingincompromiseofconfidentialdatainputs
■Hallucinationsorinaccurate,illegal,copyright-infringingandotherwise
unwantedorunintendedoutputsthatcompromiseenterprisedecisionmakingorcanleadtobranddamage
■Dataprotection
■Dataleakage,integrityandconfidentialitycompromisesofbothcontentanduserdatainhostedvendorenvironment
■Inabilitytogovernprivacyanddataprotectionpoliciesinexternallyhostedenvironments,orevencontractserviceprovidersasdataprocessors
■Difficultyconductingprivacyimpactassessmentsandcomplyingwithvariousregionalregulations,duetotheblackboxnatureofthethird-partymodelsandthemostlyabsentpossibilitytoofficiallycontractthesemodelprovidersas
dataprocessors,followingprivacylegislativerequirements
■AIapplicationsecurity
■Adversarialpromptingattacks,includingbusinesslogicabusesanddirectandindirectpromptinjections
■Vectordatabaseattacks
■Hackeraccesstomodelstatesandparameters
Ourrecentsurveyofover700webinarattendeesonwhatGenAIriskstheyaremost
concernedaboutvalidatedtheseriskcategories—andhighlightedthatprivacyanddatalossarethetoprisksfromITleaders.1
TheserisksareexacerbatedwhenusingexternallyhostedLLMandotherGenAImodels,asenterpriseslackcapabilitiestodirectlycontroltheirapplicationprocessesanddatahandlingandstorage.However,therisksstillexistinon-premisesmodelshostedand
directlycontrolledbytheenterprise—especiallywhensecurityandriskcontrolsarelacking.
Gartner,Inc.|G00800663Page9of23
ThesethreecategoriesofrisksconfrontusersduringruntimeofAIapplicationsand
models.Figure2showshowthesethreerisksaffectAImodeldevelopmentand
deployment,theAImodelatruntime,plustheeffectfromAIrisksintheITsupplychain.
Thisincludestrainingdata,third-partymodels,codeandlibraries,andpromptandmodelintegrations.
Thesenewattacksurfaceswilldriveenterprisesecuritydepartmentstospendtimeand
moneyimplementingGenAIsecurityandriskmanagementcontrols,suchthatapplicationanddatasecurityspendingwillincreaseatleast15%through2025.
Figure2:GenerativeAIAttackSurfacesAcrosstheAILifeCycle
Gartner,Inc.|G00800663Page10of23
Gartnerexpectsthatmanyenterpriseswillinitiallyacquiresolutionsthatmitigate
input/outputrisksthroughanomalydetectionorsecureAIapplicationstogainvisibilityintoenterpriseuseofGenAIapplicationsandmodels.Thisincludesuseofoff-the-shelfapplications,suchasChatGPTorinteractionsthroughotherintegrationpointslikeplug-ins,promptsorAPIs.GettingtheirarmsaroundenterpriseinteractionswithGenAIisthefirstpriorityfororganizations,andtheseproductscanprovideagoodmapofthose
interactions.Oncethemapisestablished,corefunctionsofmitigatingrisksandsecuritythreatscanbegraduallydeployed.Thisallhasmajorimplicationsonsecuritystaffingandbudgets;henceourpredictionthatsecuritybudgetswillincrease.
Recommendations:
■OrganizewithinandacrossyourenterprisetomanagenewGenAIrisksandsecuritythreats.Onceorganized,establishacceptableGenAIusepoliciesforyourenterprise,andenforcethemonacontinualbasisinpartusingAITRiSMtechnology.
■SetupproofsofconcepttotestemergingAITRiSMproducts,specializedinGenAIinthethreenewriskandsecuritycategoriestoaugmentyoursecuritycontrols,and
applythemtoproductionapplicationsoncetheyperformasrequired.
■Usecontentanomalydetectionproductsthatmitigateinputandoutputrisksto
enforceacceptableusepolicy,andpreventunwantedorotherwiseillegitimatemodelcompletionsandresponsesfromcompromisingyourorganization’sdecision
making,safetyandsecurity.
■PerformuserawarenesstrainingtoreminduserstoalwaysvalidatetheoutputofGenAIproductsforaccuracybeforeincorporatingthemintobusinessworkflow.
■EvaluatetheuseofAIapplicationsecurityproductstoprotectyourorganization
fromhackerswhoexploitnewGenAIthreatvectorstodamageyourorganizationanditsassets.
■Continuetouseknownsecuritycontrolstoprotectsensitiveinformation,applicationstacksandassets,butrecognizetheydon’tmitigaterisksuniquetoLLMs,suchasinaccurate,inflammatoryorcopyrightedoutputsinresponses.
RelatedResearch:
4WaysGenerativeAIWillImpactCISOsandTheirTeams
InnovationGuideforGenerativeAIinTrust,RiskandSecurityManagement
Gartner,Inc.|G00800663Page11of23
GenerativeAIPolicyTemplate
MicrosoftAzureOpenAIvs.OpenAI:ComparingGenAITrust,RiskandSecurity
QuickAnswer:HowtoMakeMicrosoft365CopilotEnterprise-ReadyFromaSecurityandRiskPerspective
StrategicPlanningAssumption:By2026,40%ofdevelopmentorganizationswillusetheAI-basedauto-remediationofinsecurecodefromASTvendorsasadefault,upfromlessthan5%in2023.
Analysisby:MarkHorvathKeyFindings:
■Although80%ofvendorsofferingApplicationSecurityTesting(AST)havesome
formofsuggestingfixestocodebasedonsecurityproblems,(autoremediation),lessthan5%ofdevelopmentorganizationsuseit—inpartbecausethesolutionsit
offersaregenerallyexamples,ratherthanactualcodefixes.
■Developerscomplainthatautoremediationsuggestedbycodesecuritytools(ASTtools)oftenhaveadversesideeffectsonotheraspectsoftheircode,like
performanceandreliability.BecausemostdevelopershaveKPIsaroundthesecodeaspects—andlessstringentonesaroundsecurity—theyviewthesesuggestionsnegatively.
■Developerscanfeeloverloadedbythenumberofplug-instotheirdeveloper
environment—eachofferingadviceonaspecificparameter(e.g.,codequality
assessments,performanceandoptimizationsuggestions,etc.).AnynewadditionstotheIntegratedDevelopmentEnvironment(IDE)willneedtosynthesize
suggestionsbasedontheinputofmorethanoneautocorrectiontool.
Near-TermFlag:WhilemanyAI-basedsecurecodeassistantsareplannedorarein
development,theiradoptionbyreal-worldproductionteamsin2024,asopposedtopilotsorproofsofconcept(POCs),willbealeadingindicatorthattheyofferanadvantageoverexistingsystems.
MarketImplications:
Gartner,Inc.|G00800663Page12of23
Currently,theapplicationsecuritytestingmarketiscenteredaroundahandfulofcore
toolsusedfordeterminingelementsofcodesecurityrisk(e.g.,SAST,DAST,IAST,SCA,IaC,etc.).Althoughtheyinterfacewithdevelopersonadailybasis,theyareprimarilysecuritytoolsandweredesignedtobeusedby,andfor,securityprofessionalsworkingwith
developers.Theyareoftenheavyintermsoftechnicalsecurityjargonandassumethatdevelopershaveanunderstandingofthedata,andareabletoactionittoreducesecurity
risk.However,thereisoftenaconsiderablegapbetweenthesecuritytrainingthatdevelopersreceive,andreal-worldcodesecurityissuesthatoftendon’tlookliketheexamplestheyaretaught.
RemediationguidancefromstandardASTtoolsisusuallyintheformofautocorrection,whichworksinwayssimilartoaspellchecker(e.g.,isthislineformattedcorrectly)?
Guidancetothedeveloversisusuallyspecificonlytosecurity,andonlytothelineorlinesinquestion.Itfailstoprovideamorecomprehensiveanalysisofdifferentaspectsofthecodeinalargercontext.Thisresultsinfairlygenericadvice,usuallyreflectingtheOWASPtop10asthebasisofrepair.
Largelanguagemodels(LLMs)havetheadvantagethattheyarenotonlyabletomore
easilydealwithmultiplecodemetricslikesecurity,qualityandreliability,theyarevery
flexibleinthewaytheycanpresentthedataandsuggestionstodevelopers.LLMshavethepromiseofbeingabletoconvertsecurityjargonintoaneasiertounderstandformat,leadingtoabetterunderstandingoftheissueandamoreeffectivefix.Thecurrent
generationofcodesecurityAIsofferadeveloperachoiceofseveraldifferentsuggestionsforaddressingvulnerabilities,puttingthedeveloperinchargeofpickingthetypeof
remediationthatbestfitsintotheapplication,thuspreservingthe“ownyourcode”philosophy.Thishasseveraladvantages:
■AIsandpeopleoftenworkbettertogetherthaneitheronealone.TheAIassistant
offersabroader(andpotentiallydeeper)viewofavulnerabilities’securityposture,whilethehumanunderstandstheapplication’scontext,goalsandworkflows.TheAIassistantallowsabetterselectionofpossibleremediations,whilekeepingthe
application’sfunctioninmind.
■Bypresentingmultipleoptionstothedevelopers,theycanmoreeasilyrecognizeandfilteroutmisidentifications/hallucinationsfromtheAIassistant.
Gartner,Inc.|G00800663Page13of23
■NoneoftheautoremediationoptionsavailablefromASTtoolseffectivelyinclude
parameterslikeperformance,codequality,reliabilityetc.,whicharebothimportanttodevelopmentteamsandwell-correlatedwithsecurityfindings.NewAI-basedcode
assistantscanoptimizeseveralvariablesbeyondjustsecuritytogivedevelopersmoremotivationinlinewiththeirdevelopmentKPIs.
Recommendations:
■MostenterprisesshouldnotusegenericLLMslikeChatGPTforcodegeneration,
codesecurityscanningorsecurecodereview,duetothehighererrorratesoftoolsnotspecifictosecurity.Instead,relyontoolsthatofferenterprisegradesecurityandgovernancecontrolsforassistingdeveloperswithtechnicaltaskslikesecurity.
■PilotnomorethantwoorthreedifferentAIsecuritycodeassistantstocompareandcontrasttheircapabilities.Thoughproductsarerecentlybecomingcommercially
available,themarketstillhasalongwaytogobeforethesearecommontools.Thecurrentgenerationhasstrengthsandweaknessesindifferentareas,sohave
developmentteamstestthemouttodeterminethemosteffectiveonesforyourorganization.
■Maintainingtheexistingdeveloperexperienceiscriticaltothesuccessfuladoptionofanydeveloperfocusedtools.Changesinworkflow,experienceortestingworksagainstthe“musclememory”ofdevelopersandgeneratesfriction,whichwill
frustratedeveloperswhowillthenavoidusingthetools.
■RememberthatthesetoolsuseanLLM,whichwillneedperiodicretraining.Whenchoosingavendor,askspecificallyaboutprivacy,dataretentionandretraining
detailstoprotectyourIP.AskaboutindemnificationaroundIPloss,licensingissueswithsomecodeoraccidentallyre-usinganothercompany’sIP.
■AICodingAssistantsarerapidlybecomingapopularwayfordeveloperstowritebettercodeatafasterrate.BesuretorunStaticAnalysis(SAST)andSoftware
CompositionAnalysis(SCA)oncodethathasbeengeneratedbyAI.Thiswillhelpensurecodequality,protectIPrightsandcutdownonAImistakesand
misrepresentations.
RelatedResearch:
Gartner,Inc.|G00800663Page14of23
QuickAnswer:MitigatingtheTopFiveSecurityRisksofAICoding
EmergingTech:GenerativeAICodeAssistantsAreBecomingEssentialtoDeveloperExperience
MagicQuadrantforApplicationSecurityTestingHypeCycleforApplicationSecurity,2023
InnovationGuideforAICodingAssistants
StrategicPlanningAssumption:By2026,attacksusingAI-generateddeepfakesonfacebiometricswillmeanthat30%ofenterpriseswillnolongerconsidersuchidentity
verificationandauthenticationsolutionstobereliable
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 长治市人民医院炎症细胞学诊断考核
- 通辽市人民医院急诊支架植入技术考核
- 2025年中国水性uv树脂项目创业计划书
- 晋中市中医院化学烧伤急救与特异性解毒考核
- 2025年中国丝印胶水项目商业计划书
- 晋中市人民医院医学伦理决策考核
- 2025年中国热可塑性聚氨酯薄膜项目投资计划书
- 佳木斯市人民医院机械取栓技术专项考核
- 临汾市人民医院分子病理技术考核
- 2025妇幼保健院关节内骨折解剖复位技术考核
- 2025年大学辅导员招聘考试题库:学生心理危机干预方案设计试题
- 2024-2025学年广东省广大附中大联盟九年级(上)期中联考道法试题及答案
- 塔吊使用安全事故应急救援预案
- 汴京的星河解析课件
- 亚马逊培训考试题及答案
- 餐饮行业人力资源管理-招聘、培训和留住员工
- 建筑企业税收调研报告及政策解析
- 2025成人高考专升本《政治》试题及答案
- 2025年度以新质生产力助推高质量发展等继续教育公需科目试题及答案
- (高清版)DBJ∕T 13-318-2025 《建筑施工盘扣式钢管脚手架安全技术标准》
- 思想道德与法治2023年版电子版教材-1
评论
0/150
提交评论