AI for Continuous Security in DevOps (DevSecOps): Integrating Machine Learning into CI/CD Pipelines
Keywords:
Artificial Intelligence, DevSecOps, instruments, remediationAbstract
The paper determines the impact that Artificial Intelligence (AI) has on security practises in DevSecOps environments when integrated into the Continuous Integration Continuous Delivery (CI/CD) pipelines. The research explores how AI-powered instruments combined with machine learning algorithms can foster security testing and improve vulnerability detection and automatic remediation, deliver threat intelligence and maintain DevSecOps speed performance. The research shows that AI helps improve security vulnerability detection and resolution because it enables faster identification and accuracy so that unknowns can be solved immediately. There are still challenges in developing AI models and system integration complexities that an organisation has no control over. Human security tests of AI systems are necessary to help the regular development of improvements in AI models. Organisations must create AI investment plans by finding sensible artificial intelligence tools and establishing open and ethical regulations. Research reveals that AI holds important value for DevSecOps security development, though complete assessment of both procedural aspects and artificial intelligence algorithms remains necessary during installation. Future research must tackle current limitations before researchers can create next-generation artificial intelligence models to combat rising cybersecurity threats.
Downloads
References
Yarlagadda, R.T., 2019. How DevOps enhances the software dévelopment quality. International Journal of Creative Research Thoughts (IJCRT), ISSN, pp.2320-2882.
Manchana, R., 2021. The DevOps Automation Imperative: Enhancing Software Lifecycle Efficiency and Collaboration. European Journal of Advances in Engineering and Technology, 8(7), pp.100-112.
Ugwueze, V.U. and Chukwunweike, J.N., 2024. Continuous integration and deployment strategies for streamlined DevOps in software engineering and application delivery. Int J Comput Appl Technol Res, 14(1), pp.1-24.
Owoade, S.J., Uzoka, A., Akerele, J.I. and Ojukwu, P.U., 2024. Cloud-based compliance and data security solutions in financial applications using CI/CD pipelines. World Journal of Engineering and Technology Research, 8(2), pp.152-169.
Butter, K., 2024. Shifting Security Left: A Qualitative Study (Doctoral dissertation, Capella University).
D'Onofrio, D.S., Fusco, M.L. and Zhong, H., 2023. CI/CD Pipeline and DevSecOps Integration for Security and Load Testing (No. SAND-2023-08255). Sandia National Lab.(SNL-NM), Albuquerque, NM (United States).
Tatineni, S., 2024. Integrating Artificial Intelligence with DevOps: Advanced Techniques, Predictive Analytics, and Automation for Real-Time Optimization and Security in Modern Software Development. Libertatem Media Private Limited.
Kokku, R., Revolutionizing DevOps Security: AI and ML-Enabled Automated Testing Approaches.
Kyler, T., 2024. AI-Driven DevSecOps: Integrating Security into Continuous Integration and Deployment Pipelines.
Bahaa, A., Abdelaziz, A., Sayed, A., Elfangary, L. and Fahmy, H., 2021. Monitoring real time security attacks for IoT systems using DevSecOps: a systematic literature review. Information, 12(4), p.154.
El Aouni, F., Moumane, K., Idri, A., Najib, M. and Jan, S.U., 2024. A systematic literature review on Agile, Cloud, and DevOps integration: Challenges, benefits. Information and Software Technology, p.107569.
Vadde, B.C. and Munagandla, V.B., 2023. Security-First DevOps: Integrating AI for Real-Time Threat Detection in CI/CD Pipelines. International Journal of Advanced Engineering Technologies and Innovations, 1(03), pp.423-433.
Fu, M., Pasuksmit, J. and Tantithamthavorn, C., 2024. Ai for devsecops: A landscape and future opportunities. ACM Transactions on Software Engineering and Methodology.
Moeez, M., Mahmood, R., Asif, H., Iqbal, M.W., Hamid, K., Ali, U. and Khan, N., 2024. Comprehensive Analysis of DevOps: Integration, Automation, Collaboration, and Continuous Delivery. Bulletin of Business and Economics (BBE), 13(1).
Banala, S., 2024. DevOps Essentials: Key Practices for Continuous Integration and Continuous Delivery. International Numeric Journal of Machine Learning and Robots, 8(8), pp.1-14.
MUSTYALA, A., 2022. CI/CD Pipelines in Kubernetes: Accelerating Software Development and Deployment. EPH-International Journal of Science And Engineering, 8(3), pp.1-11.
Dapshima, B.A. and Ahmad, S.K., 2024. Evaluation and Assessment of Software Security Risks and Vulnerabilities Within the Realm of Secure DevOps. no. July.
Thota, R.C., 2024. Cloud-Native DevSecOps: Integrating Security Automation into CI/CD Pipelines. INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY, 10(6), pp.1-19.
Rajapakse, R.N., Zahedi, M., Babar, M.A. and Shen, H., 2022. Challenges and solutions when adopting DevSecOps: A systematic review. Information and software technology, 141, p.106700.
Rangnau, T., Buijtenen, R.V., Fransen, F. and Turkmen, F., 2020, October. Continuous security testing: A case study on integrating dynamic security testing tools in ci/cd pipelines. In 2020 IEEE 24th International Enterprise Distributed Object Computing Conference (EDOC) (pp. 145-154). IEEE.
Geluvaraj, B., Satwik, P.M. and Ashok Kumar, T.A., 2019. The future of cybersecurity: Major role of artificial intelligence, machine learning, and deep learning in cyberspace. In International Conference on Computer Networks and Communication Technologies: ICCNCT 2018 (pp. 739-747). Springer Singapore.
Ozkan-Okay, M., Akin, E., Aslan, Ö., Kosunalp, S., Iliev, T., Stoyanov, I. and Beloev, I., 2024. A comprehensive survey: Evaluating the efficiency of artificial intelligence and machine learning techniques on cyber security solutions. IEEe Access, 12, pp.12229-12256.
Yulianto, S. and Ngo, G.N.C., 2024, September. Enhancing DevSecOps Pipelines with AI-Driven Threat Detection and Response. In 2024 International Conference on ICT for Smart Society (ICISS) (pp. 1-8). IEEE.
Hassan, S.K. and Ibrahim, A., 2023. The role of artificial intelligence in cyber security and incident response. International Journal for Electronic Crime Investigation, 7(2).
Saad, W. and Aslam, M., 2023. The Role of Artificial Intelligence in Remediation and Risk Mitigation for Cybersecurity.
Myllynen, T., Kamau, E., Mustapha, S.D., Babatunde, G.O. and Collins, A., 2024. Review of advances in AI-powered monitoring and diagnostics for CI/CD pipelines. International Journal of Multidisciplinary Research and Growth Evaluation, 5(1), pp.1119-1130.
Nandi, S., 2024. EVALUATING THE EFFECTIVENESS OF SECURITY TESTING TOOLS IN AUTOMATED TESTING.
Sarker, I.H., 2021. Machine learning: Algorithms, real-world applications and research directions. SN computer science, 2(3), p.160.
Khan, S. and Parkinson, S., 2018. Review into state of the art of vulnerability assessment using artificial intelligence. Guide to Vulnerability Analysis for Computer Networks and Systems: An Artificial Intelligence Approach, pp.3-32.
Prince, N.U., Faheem, M.A., Khan, O.U., Hossain, K., Alkhayyat, A., Hamdache, A. and Elmouki, I., 2024. AI-powered data-driven cybersecurity techniques: Boosting threat identification and reaction. Nanotechnology Perceptions, 20, pp.332-353.
Pala, S.K., Study to Develop AI Models for Early Detection of Network Vulnerabilities. International Journal of Enhanced Research in Science, Technology & Engineering ISSN, pp.2319-7463.
Komaragiri, V.B. and Edward, A., 2022. AI-Driven Vulnerability Management and Automated Threat Mitigation. International Journal of Scientific Research and Management (IJSRM), 10(10), pp.981-998.
Manda, J.K., 2024. AI-powered Threat Intelligence Platforms in Telecom: Leveraging AI for Real-time Threat Detection and Intelligence Gathering in Telecom Network Security Operations. Available at SSRN 5003638.
Jimmy, F., 2021. Emerging threats: The latest cybersecurity risks and the role of artificial intelligence in enhancing cybersecurity defenses. Valley International Journal Digital Library, 1, pp.564-74.
Allam, A.R., 2023. Enhancing Cybersecurity in Distributed Systems: DevOps Approaches for Proactive Threat Detection. Silicon Valley Tech Review, 2(1), pp.54-66.
Tyagi, A., 2021. Intelligent DevOps: Harnessing Artificial Intelligence to Revolutionize CI/CD Pipelines and Optimize Software Delivery Lifecycles. Journal of Emerging Technologies and Innovative Research, 8, pp.367-385.
Lawal, K., 2025. Real-Time Threat Intelligence: AI-Driven Automation and Response.
Cui, J., 2024. The Enhancement of Software Delivery Performance through Enterprise DevSecOps and Generative Artificial Intelligence in Chinese Technology Firms. arXiv preprint arXiv:2411.02255.
Ayidiya, M., 2023. AI Usage in Development, Security, and Operations (Doctoral dissertation, Walden University).
Camacho, N.G., 2024. Unlocking the potential of AI/ML in DevSecOps: effective strategies and optimal practices. Journal of Artificial Intelligence General science (JAIGS) ISSN: 3006-4023, 3(1), pp.106-115.
Cheenepalli, J., Hastings, J.D., Ahmed, K.M. and Fenner, C., 2025. Advancing DevSecOps in SMEs: Challenges and Best Practices for Secure CI/CD Pipelines. arXiv preprint arXiv:2503.22612.
Chittala, S., 2024. Securing DevOps Pipelines: Automating Security in DevSecOps Frameworks. JOURNAL OF RECENT TRENDS IN COMPUTER SCIENCE AND ENGINEERING (JRTCSE), 12(5), pp.31-44.
Zhao, X., Clear, T. and Lal, R., 2024. Identifying the primary dimensions of DevSecOps: A multi-vocal literature review. Journal of Systems and Software, p.112063.
Heijstek, A., 2023. Bridging theory and practice: insights into practical implementations of security practices in secure devops and ci/cd environments (Doctoral dissertation, Ph. D. thesis, Universiteit van Amsterdam).
Akbar, M.A., Smolander, K., Mahmood, S. and Alsanad, A., 2022. Toward successful DevSecOps in software development organizations: A decision-making framework. Information and Software Technology, 147, p.106894.
Dasanayake, S.D.L.V., Senanayake, J. and Wijayanayake, W.M.J.I., 2025. Devsecops for Continuous Security in Trading Software Application Development: a Systematic Literature Review. Journal of desk research review and analysis, 2(2).
Nutalapati, V., 2023. Automated Security Testing for Mobile Apps: Tools, Techniques, and Best Practices. International Research Journal of Engineering & Applied Sciences (IRJEAS), 11(1), pp.26-31.
Neupane, K., Continuous Automation with DevOps practices for Threat Detection.
Sapkota, D., 2023. A Framework of DevSecOps for Software Development Teams (Doctoral dissertation, University of Turku).
Antiya, D., 2024. DevOps for Compliance: Building Automated Compliance Pipelines for Cloud Security. Xoffencer international book publication house.
Pandya, K., 2024. Automated Software Compliance Using Smart Contracts and Large Language Models in Continuous Integration and Continuous Deployment With DevSecOps (Master's thesis, Arizona State University).
SEKER, S.E., 2024. Experiences and Challenges in AI-Driven Modular Software Development Using Large Language Models for Code Generation.
Pahune, S. and Akhtar, Z., 2025. Transitioning from MLOps to LLMOps: Navigating the Unique Challenges of Large Language Models. Information, 16(2), p.87.
Bishop, S., 2024. AI for Continuous Compliance and Policy Enforcement in DevOps Security Frameworks.
Waizel, G., 2024, July. Bridging the AI divide: The evolving arms race between AI-driven cyber attacks and AI-powered cybersecurity defenses. In International Conference on Machine Intelligence & Security for Smart Cities (TRUST) Proceedings (Vol. 1, pp. 141-156).
Pasam, P.R.A.S.A.N.N.A., Kothapalli, K.R.V., Mohammed, R.A.H.I.M.O.D.D.I.N. and Ying, D.E.N.G., 2023. Integrating Data Remediation Strategies in Robotic Data Processing. American Digits: Journal of Computing and Digital Technologies, 1(1), pp.90-104.
Jawed, M., 2019. Continuous security in DevOps environment: Integrating automated security checks at each stage of continuous deployment pipeline (Doctoral dissertation, Wien).
Salman, A.M., Al-Nuaimi, B.T., Subhi, A.A., Alkattan, H. and Alfilh, R.H., 2025. Enhancing cybersecurity with machine learning: A hybrid approach for anomaly detection and threat prediction. Mesopotamian Journal of CyberSecurity, 5(1), pp.202-215.
Ofili, B.T., Obasuyi, O.T. and Osaruwenese, E., 2024. Threat intelligence and predictive analytics in USA cloud security: mitigating AI-driven cyber threats. Int J Eng Technol Res Manag, 8(11), p.631.
Chung, J., 2024. DevSecOps Metrics, Benefits, and Improvements (Doctoral dissertation, National University).
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
