《Black Duck：2025年全球DevSecOps （开发、安全和运维）状况报告：平衡AI应用与风险（英文版）（20页）.pdf》由会员分享，可在线阅读，更多相关《Black Duck：2025年全球DevSecOps （开发、安全和运维）状况报告：平衡AI应用与风险（英文版）（20页）.pdf（20页珍藏版）》请在三个皮匠报告上搜索。

1、BLACKDUCK.COM|1BALANCING AI USAGE AND RISK IN 2025THE GLOBAL STATE OF DEVSECOPSBLACKDUCK.COM|2CONTENTSRecommendations and Outlook.11The Mandate for Workflow Integration.11Actionable Recommendations.11Future Outlook.12How Black Duck Can Help.13From Security Debt to Security Assurance.13Unifying the A

2、ST Landscape with a Single Platform.13Embedding Security into the Developers Native Workflow.14Leveraging AI as a Security Force Multiplier.14Tracking Open Source AI Models in Critical Projects.15A Tailored Approach for Your Role.15For Executive Leaders:Transforming Systemic Risk into Competitive Ad

3、vantage.15For Hands-on Practitioners:Building Secure Software Without Sacrificing Speed.15Conclusion:Building Trust in Your Software.15Appendix A:Full Survey Questions and Responses.16Appendix B:Detailed Respondent Demographics.19Navigating Speed,Friction,and AI in DevSecOps.3Why You Should Read Thi

4、s Report.3For Executive Leaders.3For DevSecOps Professionals.3Survey Methodology.3Executive Summary:Key Findings.4“Sec”Lags Behind“Dev”and“Ops”.6Velocity as the New Standard.6The Automation Maturity Gap.6More Tools,More Problems.6Mapping the AST Ecosystem.7Drowning in False Positives.7The Persistent

5、“Speed vs.Security”Dilemma.8AI Disruption:A Double-Edged Sword.9Widespread Adoption of AI and Shadow AI.9Risk vs.Security.9A Dangerous Disconnect?.10BLACKDUCK.COM|3NAVIGATING SPEED,FRICTION,AND AI IN DEVSECOPSThe goal of DevSecOps has always been to ensure that speed and safety are on equal footing.

6、Black Ducks latest research reveals that although many organizations have successfully built high-velocity development pipelines,security automation lags far behind.Our research also shows that a proliferation of security tools intended to identify and manage risk has created the opposite effect:a c