加速应用重构：AI在DevSecOps中的应用.pdf

1、AcceleratingApplication Refactoring:AI in DevSecOpsJoel KrooswykFederal CTOSecure Software by DesignAugust 7,2024 2024 GitLab Inc.State of the Union in DevSecOpsMemory SafetyMemory SafetyOSSOSSAI Acceleration AI Acceleration Supply ChainSupply ChainSBOMSBOMZero Trust Zero Trust Secure by DesignSecur

2、e by Design 2024 GitLab Inc.AI is already accelerating the SDLCOf public sector respondents are using AI today or plan to in the next 2 years 81%50%50%Reported efficiency gains in within months of AI implementation5 5-10 x10 xTargets for SDLC efficiency gainsSource:2023 DevSecOps survey 2024 GitLab

3、Inc.Cloud MigrationCloud MigrationModernizationModernizationPerformancePerformanceScalabilityScalabilityMemory SafetyMemory SafetyComplianceComplianceTechnical DebtTechnical DebtUnsecured CodeUnsecured CodeVintage VulnerabilitiesVintage VulnerabilitiesEmergent ThreatsEmergent ThreatsDeveloper Knowle

4、dgeDeveloper KnowledgeCost ReductionCost ReductionWith AI acceleration,can we reconsider legacy code?2024 GitLab Inc.Defining refactoring“Refactoring is a controlled technique for improving the design of an existing code base,a disciplined technique for restructuring an existing body of code,alterin

5、g its internal structure without changing its external behavior.”-Martin Fowler 2024 GitLab Inc.Refactoring can drive incredible outcomes Python-C+Now Rust?Many-JavaPerl-Scala 2024 GitLab Inc.Refactoring requiresSufficient developer timeDeep developer skillsAccurate testing2525%Time spent codingOthe

6、rStuffOtherStuffOtherStuffCodingOther Stuff7575%Time spent onall other tasksSource:2023 DevSecOps surveyOtherStuffPrioritizing refactoring is tough 2024 GitLab Inc.“The simplest way is to just clone the code and start hacking away improving the design.”How do we refactor?MeMe 2024 GitLab Inc.RedRed-