Black Duck® Software, Inc. has published the report “Balancing AI Usage and Risk in 2025: The Global State of DevSecOps,” offering practical guidance for executives and practitioners alike. It highlights the importance of establishing strong AI governance frameworks, streamlining application security testing tools, and investing in security solutions designed for developers.
Development teams are releasing code at an unprecedented speed, but security practices aren’t keeping pace. Black Duck’s Balancing AI Usage and Risk in 2025 research reveals that nearly 60% of respondents report deploying code daily or more frequently. But manual security practices can cause substantial challenges as AI-enabled development pipelines transform the very foundations of DevSecOps.
The comprehensive survey of over 1,000 global software and security professionals, conducted in July and August 2025, highlights several critical challenges facing DevSecOps teams today:
- Security lags behind development: Despite rapid deployment frequencies, 46% of companies still rely on manual processes to get new code into the security testing queue, leading to incomplete coverage, greater friction with development teams, and growing security debt.
- Tool sprawl crisis: Over 71% of respondents report that a significant portion of their security alerts are “noise”—false positives or duplicate findings from different tools, destroying the ROI of security investments.
- Speed vs. security dilemma: An overwhelming 81% of professionals say that application security testing slows down development and delivery, creating tension between development and security teams.
- AI is a double-edged sword: AI is perceived as both a powerful tool for improving security and a significant new source of complex risks. While 63% believe AI helps write more-secure code, 57% agree it introduces novel security risks.
- The need for workflow integration: The top priority for improving application security testing is “better development workflow integration,” chosen by 27% of respondents, indicating the need to shift toward embedding security seamlessly into developer workflows.
“The findings paint a clear picture: the old ways of doing application security aren’t working, and speed without integrated security creates risk for companies,” said Jason Schmitt, CEO of Black Duck. “To navigate this new world, development teams must shift from a reactive, tool-centric model to a proactive, platform-based strategy that integrates security directly into developer workflows to achieve true scale application security.”
To learn more, download a copy of the “Balancing AI Usage and Risk in 2025: The Global State of DevSecOps” report here.