AI code generation is running unchecked, with eight-in-ten organizations adopting AI tools faster than they can develop policies to govern them, new research has warned.
According to GitLab’s AI Accountability Report, 92% are facing governance challenges with AI-generated code as rapid adoption continues.
More than nine-in-ten have two or more AI coding tools in active use, the study found, while 54% have three or more. Meanwhile, 78% report that developers are writing and committing code faster since adopting AI tools.
Teams are generally happy with the results, with six-in-ten saying that the ROI of AI coding is better than they’d expected. More than three quarters (78%) also report faster code output and 73% said overall code quality has improved.
However, while 79% agree that individual developer productivity has improved with AI, the overall software delivery process has not accelerated at the same pace.
Certainly, 82% say that AI-generated code risks creating a new form of technical debt that organizations aren’t prepared to manage.
“AI coding tools have delivered on their promise of speed,” said Manav Khurana, chief product and marketing officer at GitLab.
“But the events of the past few months, including supply chain attacks, reliability issues, and regulators tightening expectations around AI traceability and provenance are making clear that speed without control is a liability, not an advantage.”
AI coding is creating new bottlenecks
Notably, 85% agree that AI has shifted the bottleneck from writing code to reviewing and validating it, and 84% that the biggest challenge with AI-generated code is governing what happens to it after it’s created.
Nearly three-quarters are concerned about the maintainability of AI-generated code in their organization’s codebase.
GitLab also raised concerns about a prevailing trend of overconfidence when it comes to AI coding. The majority (87%) said they’re confident that teams could determine within 24 hours whether AI-generated code contributed to a production incident, for example.
Yet more than one-third (34%) of organisations fail to spot potential issues before an incident takes place.
This appears to be down to difficulty distinguishing AI-generated from human-written code (43%), fragmented toolchains (40%), and systems that don’t track code origin (39%).
Only 28% say their software development lifecycle (SDLC) tools are fully integrated with shared data and workflows.
New governance practices are needed
According to GitLab, what’s missing is clarity around governance. The majority (83%) of organizations identify AI-generated code accumulation as a risk to manage now, with 44% calling it a top technology risk.
On the upside, 91% of survey respondents said they are likely to invest in AI code governance tools in the next 12 months, and 98% have already allocated or expect to allocate budget toward these efforts.
Crucially, 85% agree the next phase of AI in software will focus less on generating code and more on governing it.
“The teams thinking ahead are already asking the harder question: can we actually control all the code we’re generating?” said Khurana.
“The organizations that will ship trusted software faster are the ones building the foundations of accountability with context, traceability, and governance baked into the platform, not just bolted on after the fact.”
AI governance has been a persistent challenge for developers, with research from Aikido last year concluding that AI-generated code is now the cause of one-in-five breaches.
The study noted that 69% of security leaders, engineers, and developers had identified serious vulnerabilities in AI-generated code.