By Emilio Salvador, vice president of strategy and developer relations at GitLab
Things we expect to simplify life sometimes complicate it.
Installing a new app-based home security system may require learning to use
different tools or dealing with false alarms. If you get an electric vehicle,
you experience lower fuel costs for your commute, but you may need to adjust to
new controls and be mindful of range.
Sometimes, unexpected side effects are the consequences of
adopting something new.
AI, still nascent, takes this "complication" concept to the next
level. Even tech-savvy developers may feel like somebody is moving their cheese. AI promises to simplify work for
developers, and it does for repetitive tasks, but it's not without tradeoffs or
existential concerns about safety and careers.
One question I hear often is whether AI code assistants will
augment a developer's current workflow or whether they will need to adapt to a
new way of working. The answer, as I see it, is both. There's a learning curve
for humans and AI tools using large language models. However, AI code
assistants will tap into specialized models more closely tailored to
developers' workflows over time.
Adopt a Holistic Approach to AI Implementation
Developers need to be mindful of delegating strategy to AI. While
applying AI to the entire software development life cycle is beneficial, you
cannot rely on AI alone without a human providing thoughtful oversight. An AI
assistant's capabilities are directly tied to the quality of the code it relies
on.
Implementing AI isn't as simple as flipping a light switch. To
harness its efficiencies safely and strategically, organizations should adopt a
gradual approach, starting with low-risk areas to avoid pitfalls and allow
developer teams to experiment with how AI and other tools fit with their
workflows. There could be a temporary dip in productivity before realizing
long-term efficiency gains, and leadership should prepare for that.
To begin, organizations should adopt a holistic approach to AI
implementation, considering how changes in one area might affect others down
the line. Common challenges in AI adoption include resistance to change and a
potential decline in code quality as AI-driven code volume increases.
Understanding how the entire software development life cycle benefits from AI
is essential for successful adoption.
Organizations can then start implementing guardrails and policies
for AI usage, including employee guidelines, data sanitization practices,
in-product disclosures and moderation capabilities. Additionally, they must
actively participate in well-tested vulnerability detection and remediation
programs.
The path to improving software development involves continuous
evaluation and adjustment of AI tools to ensure they deliver the desired
efficiency benefits.
Homing in on the Right Outcomes
A
recent survey by GitLab showed that developers
spend just 25% of their day writing code; the rest is devoted to fixing errors,
resolving security issues and updating legacy systems. Automating these tasks
with AI allows developers to use their expertise more effectively and focus on
problem-solving rather than recreating existing code. This not only drives
innovation but also enhances job satisfaction.
From a business standpoint, objectives such as improving developer
productivity and producing better and more secure code are common KPIs.
Reducing complexity for development teams includes eliminating wasted effort
such as code duplication. These refinements enhance the developer experience
and can lead to vastly improved cycle times.
These are tangible improvements, but other challenges remain. Take code review,
which has been shown to improve code but often impedes progress as developers
wait for review. AI improves code reviews and creates comprehensive testing
scenarios, enhancing code reliability and reducing bugs, which leads to
improved software quality and higher customer satisfaction.
Furthermore, AI can predict development bottlenecks and automate
routine tasks, leading to more predictable release cycles and faster market
entry. Its ability to rapidly and accurately tailor software to user feedback
ensures that products more effectively meet customer needs and expectations.
Fighting Fire with Fire: AI and Cybersecurity
Staying focused on what matters doesn't just apply to automating
code review and improving development cycles. Reducing complexity in software
development also yields significant security benefits.
Developers recognize that AI is needed to fight fire with fire.
The ever-increasing volume and sophistication of cyberattacks, combined with
the complexity of organizations' tech stacks, significantly contribute to
security frustrations.
While some complexity is unavoidable when building large,
multifaceted software systems, organizations should take steps to avoid it,
such as difficult-to-maintain code repositories and redundant dependencies.
This unnecessary complexity creates a larger attack surface and generates more
security findings for teams to sort through, prioritize, and address.
AI can provide security guardrails to prevent problems such as
injecting harmful answers into a large language model while proactively
assisting developers in creating more secure and compliant software.
For example, the new generation of AI-powered development tools
evaluates code to ensure it doesn't introduce vulnerabilities and can help
explain them if they are introduced. With predictive threat analysis, AI can
scan code for security threats and automatically apply patches or reconfigure
security settings in response to emerging vulnerabilities. Compliance
monitoring is another burden that AI development tools can help lift for
software engineering teams.
Automation will accelerate AI innovation as development teams
deploy tools that progress from code explanations to code suggestions.
Meanwhile, by transferring repetitive development tasks to AI, developers can
tackle complex problems and address opportunities, steering and supervising
what AI tools produce and intervening when needed.
By approaching AI with intention and providing development teams
with the proper training and time to experiment, organizations can motivate
them to play an active role in integrating AI into their workflows, which will
ultimately achieve the optimal outcome: reduced complexity.
##
ABOUT THE AUTHOR
Emilio Salvador is vice president of strategy and developer relations at GitLab. A technology executive with more than 20 years of experience, Emilio has held roles at Amazon and Microsoft, and most recently led strategy and operations for the Developer Advocacy and Experience team at Google. He holds an MBA from MIT Sloan School of Management.