Even as organizations recognize the importance of application security, most still struggle to operationalize it at scale. That gap becomes harder to ignore as development accelerates, AI becomes embedded in workflows, and software supply chains grow more complex.
At the same time, three major shifts are redefining how application security actually works in practice:
- AI-augmented development.
- The growing role of developer experience in DevSecOps.
- The consolidation of security tooling into unified platforms.
Taken together, these trends point to a simple reality: application security is not only evolving but also undergoing a fundamental restructuring.
AI Accelerates Development but Expands Risk
Generative AI has quickly moved from experimentation to everyday development.
Teams using AI coding assistants write code faster, reduce manual effort, and streamline workflows. Despite the productivity gains, speed introduces a new challenge: more code, more dependencies, and more potential vulnerabilities entering the system.
This isn’t a novel problem. It’s a scaling problem.
Modern applications already rely heavily on open source packages, many of which contain known vulnerabilities. AI doesn’t change that dynamic. It amplifies it by increasing the volume and velocity of code being produced.
There’s also a second layer of risk emerging. AI tools themselves introduce new attack surfaces, from insecure recommendations to unexpected behaviors. In some cases, models can suggest outdated, vulnerable, or even nonexistent dependencies — creating entirely new categories of supply chain risk.
Development is getting faster, but the margin for error is shrinking.
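As an added example (not from the original article), the gate below checks a proposed Python requirements list against a vetted index before anything is installed, sorting entries into the outdated and unrecognized cases described above. The `VETTED` index, the sample manifest and every name and pin in it are constructed assumptions; an unrecognized name is a prompt for review, not proof that the package does not exist.

```python
import re
from difflib import SequenceMatcher

# Constructed stand-in for an internal index: normalized name -> minimum approved version.
VETTED = {"requests": (2, 31, 0), "cryptography": (42, 0, 0), "pyyaml": (6, 0, 0)}
# Constructed manifest of the kind a coding assistant might propose.
SAMPLE_MANIFEST = "requests==2.25.1\nreqeusts==2.31.0\ncryptography==42.0.5\nacme-auth-helpers==1.0.0\nPyYAML\n"

LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:==\s*(\d+(?:\.\d+)*))?\s*(?:#.*)?$")

def normalize(name):
    """PEP 503 name normalization, so 'PyYAML' and 'pyyaml' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def older(pin, minimum):
    """True if the pinned release is below the approved minimum (zero-padded compare)."""
    a, b = [int(p) for p in pin.split(".")], list(minimum)
    width = max(len(a), len(b))
    return a + [0] * (width - len(a)) < b + [0] * (width - len(b))

def closest_vetted(name, threshold=0.8):
    """Return the vetted name this one nearly matches, or None."""
    best = max(VETTED, key=lambda v: SequenceMatcher(None, name, v).ratio())
    return best if SequenceMatcher(None, name, best).ratio() >= threshold else None

def review(manifest):
    """Return (name, kind, detail) findings for lines that need a human look."""
    findings = []
    for raw in manifest.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        m = LINE.match(raw)
        if not m:  # anything other than 'name' or 'name==version' is not auto-approved
            findings.append((raw.strip(), "unparsed", "review manually"))
            continue
        name, pin = normalize(m.group(1)), m.group(2)
        if name not in VETTED:
            near = closest_vetted(name)
            findings.append((name, "unknown", f"resembles vetted '{near}'" if near else "no vetted match"))
        elif pin is None:
            findings.append((name, "unpinned", "pin an approved version"))
        elif older(pin, VETTED[name]):
            findings.append((name, "outdated", f"{pin} is below the approved minimum"))
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE_MANIFEST):
        print(*finding, sep=" | ")
```

A check like this fits as a pre-merge step, so a suggested dependency is reviewed before it reaches a lockfile or a build.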
AI Also Becomes Part of the Solution
The same technology driving this acceleration is also starting to reshape how teams handle security.
AI-assisted remediation tools are emerging to help developers understand vulnerabilities, prioritize fixes, and resolve issues more quickly. Instead of treating security as a separate step, these tools bring guidance directly into developer workflows.
This shift matters because the bottleneck (Read more...)