AI used extensively for security but not coding, JFrog survey finds

By Paul Krill

In JFrog’s just-released Software Supply Chain State of the Union 2024 report, the software supply chain platform provider found extensive use of AI and machine learning tools for security. However, only one in three software developers the company surveyed use generative AI to write code.

While 90% of survey respondents indicated that their organizations currently use AI/ML-powered tools in some capacity to assist in security scanning and remediation, only about one in three professionals, 32%, said their organizations use AI/ML-powered tools to write code. This indicates the majority are still wary of the potential vulnerabilities that AI-generated code can introduce to enterprise software, JFrog said.

Released March 19, JFrog’s report combines JFrog Artifactory developer usage data from more than 7,000 organizations, original CVE (Common Vulnerabilities and Exposures) analysis by the JFrog security research team, and commissioned third-party survey data of 1,200 technology professionals worldwide to provide context on the software supply chain landscape.

The report also notes that nearly half of respondents, 47%, said they use between four and nine application security solutions. One-third said they are using 10 or more application security solutions.

Other findings in JFrog’s Software Supply Chain State of the Union 2024 report:

© Info World