AI-Driven DevSecOps: Advancing Security and Compliance in Continuous Delivery Pipelines

Abstract

The inclusion of Artificial Intelligence (AI) into the DevSecOps pipelines has revolutionized the way organizations think of the implementation of security and compliance in the Continuous Delivery pipelines. The results on the performance, accuracy, and flexibility have been measurable in the dynamic software environments wherein the teams have utilized AI-enhanced static analysis, vulnerability scanning, real-time threat detection, and automated compliance validation. This paper critically reviews the current state of practice in using AI for the support of DevSecOps tools and methodologies, evaluates empirical performance, and identifies the building blocks of the core architecture and operations of these emerging weapons in the fight against software insecurity. The end of the paper outlines future research directions to overcome the remaining model explainability, data privacy, standardization, and regulatory compliance challenges. The findings indicate that AI plays a major role in expanding and transforming the existing DevSecOps practices and the way security can be used in software engineering workflows.