Insights and Trends in Software Security Testing from Black Duck
Global State of DevSecOps

Table of Contents

Executive Summary
About Black Duck
Findings Overview
AI-assisted development soars but securing AI-generated code lags far behind
Parallels between securing AI-generated code and securing open source
An increased focus on software security testing
Too much noise, too many tools
Looking ahead
A Deep Dive into the State of DevSecOps in 2024
Three priorities are driving security testing
Protecting sensitive information
Adhering to best practices
Automating and ensuring ease of test configuration
Trending toward centralization
A struggle to attain full security coverage
Who determines when security tests are run
A tool proliferation challenge
The noise factor
Role-based differences
The AI revolution in security testing
Worldwide AI adoption
Most respondents not confident they're securing AI-generated code
Interpreting and acting on security test results
Role-based differences
Geographical differences
Different approaches to parsing and cleansing results
From interpretation to action
Constant security testing vs. development speed tension
Role-based differences
How remediation is accomplished
Prioritizing issues for remediation
What happens when security issues are discovered
How developers are informed of issues
Conclusion

Executive Summary

It is a time of radical change in software development, with organizations in every industry recognizing the need for robust, efficient security processes that can keep pace with new development practices, such as AI-assisted coding. The findings in the “Global State of DevSecOps 2024” report are based on a comprehensive survey that Black Duck commissioned from Censuswide, an interna