Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions
Farid Binbeshr, Muhammad Imam
TL;DR
This paper conducts a systematic literature review to compare AI-driven security approaches within DevSecOps. It analyzes 18 primary studies (2015–2024) across five AI usage clusters, evaluating technical capabilities, implementation requirements, and operational impacts. Key findings highlight the growth of shift-left security, privacy challenges in multi-cloud deployments, and the need for empirical validation and lightweight, scalable models. The authors propose future directions including lightweight edge models, federated and privacy-preserving methods, and human-centric security training to improve practical adoption in real-world DevSecOps settings.
Abstract
The integration of security within DevOps, known as DevSecOps, has gained traction in modern software development to address security vulnerabilities while maintaining agility. Artificial Intelligence (AI) and Machine Learning (ML) have been increasingly leveraged to enhance security automation, threat detection, and compliance enforcement. However, existing studies primarily focus on individual aspects of AI-driven security in DevSecOps, lacking a structured comparison of methodologies. This study conducts a systematic literature review (SLR) to analyze and compare AI-driven security solutions in DevSecOps, evaluating their technical capabilities, implementation challenges, and operational impacts. The findings reveal gaps in empirical validation, scalability, and integration of AI in security automation. The study highlights best practices, identifies research gaps, and proposes future directions for optimizing AI-based security frameworks in DevSecOps.
