Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions

Farid Binbeshr; Muhammad Imam

doi:10.1145/3727967.3756841

Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

DevSecOps, which integrates security practices into every phase of DevOps, is increasingly adopted to balance rapid delivery with security needs. Artificial Intelligence (AI) and Machine Learning (ML) techniques are frequently applied in DevSecOps pipelines to automate security checks, improve threat detection, and enforce compliance. Yet, most existing research examines these techniques in isolation without comparing approaches. To address that gap, we performed a systematic literature review (SLR) of AI-driven security solutions in DevSecOps. We evaluated each approach's technical capabilities, implementation challenges, and operational impact. Our review found notable shortcomings in current approaches - particularly in real-world validation, scalability, and seamless integration of AI into development pipelines. We also highlight best practices observed in the literature, identify open research questions, and suggest directions for future work in order to advance AI-enabled DevSecOps.

Original language	English
Title of host publication	Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025
Editors	Muhammad Ali Babar, Ayse Tosun, Stefan Wagner, Viktoria Stray
Publisher	Association for Computing Machinery, Inc
Pages	142-151
Number of pages	10
ISBN (Electronic)	9798400718328
DOIs	https://doi.org/10.1145/3727967.3756841
State	Published - 23 Dec 2025
Event	29th International Conference on Evaluation and Assessment of Software Engineering, EASE 2025 - Istanbul, Turkey Duration: 17 Jun 2025 → 20 Jun 2025

Publication series

Name	Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025

Conference

Conference	29th International Conference on Evaluation and Assessment of Software Engineering, EASE 2025
Country/Territory	Turkey
City	Istanbul
Period	17/06/25 → 20/06/25

Bibliographical note

Publisher Copyright:
© 2025 Copyright held by the owner/author(s).

Keywords

AI
Comparative Analaysis
DevSecOps
Machine Learning
Security automation
Software Security
Systematic Literarture Review

ASJC Scopus subject areas

Software

Access to Document

10.1145/3727967.3756841

Cite this

Binbeshr, F., & Imam, M. (2025). Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions. In M. A. Babar, A. Tosun, S. Wagner, & V. Stray (Eds.), Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025 (pp. 142-151). (Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025). Association for Computing Machinery, Inc. https://doi.org/10.1145/3727967.3756841

Binbeshr, Farid ; Imam, Muhammad. / Comparative Analysis of AI-Driven Security Approaches in DevSecOps : Challenges, Solutions, and Future Directions. Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025. editor / Muhammad Ali Babar ; Ayse Tosun ; Stefan Wagner ; Viktoria Stray. Association for Computing Machinery, Inc, 2025. pp. 142-151 (Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025).

@inproceedings{fd48879a22f4480494f676bbbc317ee4,

title = "Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions",

abstract = "DevSecOps, which integrates security practices into every phase of DevOps, is increasingly adopted to balance rapid delivery with security needs. Artificial Intelligence (AI) and Machine Learning (ML) techniques are frequently applied in DevSecOps pipelines to automate security checks, improve threat detection, and enforce compliance. Yet, most existing research examines these techniques in isolation without comparing approaches. To address that gap, we performed a systematic literature review (SLR) of AI-driven security solutions in DevSecOps. We evaluated each approach's technical capabilities, implementation challenges, and operational impact. Our review found notable shortcomings in current approaches - particularly in real-world validation, scalability, and seamless integration of AI into development pipelines. We also highlight best practices observed in the literature, identify open research questions, and suggest directions for future work in order to advance AI-enabled DevSecOps.",

keywords = "AI, Comparative Analaysis, DevSecOps, Machine Learning, Security automation, Software Security, Systematic Literarture Review",

author = "Farid Binbeshr and Muhammad Imam",

note = "Publisher Copyright: {\textcopyright} 2025 Copyright held by the owner/author(s).; 29th International Conference on Evaluation and Assessment of Software Engineering, EASE 2025 ; Conference date: 17-06-2025 Through 20-06-2025",

year = "2025",

month = dec,

day = "23",

doi = "10.1145/3727967.3756841",

language = "English",

series = "Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025",

publisher = "Association for Computing Machinery, Inc",

pages = "142--151",

editor = "Babar, \{Muhammad Ali\} and Ayse Tosun and Stefan Wagner and Viktoria Stray",

booktitle = "Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025",

}

Binbeshr, F & Imam, M 2025, Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions. in MA Babar, A Tosun, S Wagner & V Stray (eds), Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025. Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025, Association for Computing Machinery, Inc, pp. 142-151, 29th International Conference on Evaluation and Assessment of Software Engineering, EASE 2025, Istanbul, Turkey, 17/06/25. https://doi.org/10.1145/3727967.3756841

Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions. / Binbeshr, Farid ; Imam, Muhammad.
Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025. ed. / Muhammad Ali Babar; Ayse Tosun; Stefan Wagner; Viktoria Stray. Association for Computing Machinery, Inc, 2025. p. 142-151 (Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Comparative Analysis of AI-Driven Security Approaches in DevSecOps

T2 - 29th International Conference on Evaluation and Assessment of Software Engineering, EASE 2025

AU - Binbeshr, Farid

AU - Imam, Muhammad

PY - 2025/12/23

Y1 - 2025/12/23

N2 - DevSecOps, which integrates security practices into every phase of DevOps, is increasingly adopted to balance rapid delivery with security needs. Artificial Intelligence (AI) and Machine Learning (ML) techniques are frequently applied in DevSecOps pipelines to automate security checks, improve threat detection, and enforce compliance. Yet, most existing research examines these techniques in isolation without comparing approaches. To address that gap, we performed a systematic literature review (SLR) of AI-driven security solutions in DevSecOps. We evaluated each approach's technical capabilities, implementation challenges, and operational impact. Our review found notable shortcomings in current approaches - particularly in real-world validation, scalability, and seamless integration of AI into development pipelines. We also highlight best practices observed in the literature, identify open research questions, and suggest directions for future work in order to advance AI-enabled DevSecOps.

AB - DevSecOps, which integrates security practices into every phase of DevOps, is increasingly adopted to balance rapid delivery with security needs. Artificial Intelligence (AI) and Machine Learning (ML) techniques are frequently applied in DevSecOps pipelines to automate security checks, improve threat detection, and enforce compliance. Yet, most existing research examines these techniques in isolation without comparing approaches. To address that gap, we performed a systematic literature review (SLR) of AI-driven security solutions in DevSecOps. We evaluated each approach's technical capabilities, implementation challenges, and operational impact. Our review found notable shortcomings in current approaches - particularly in real-world validation, scalability, and seamless integration of AI into development pipelines. We also highlight best practices observed in the literature, identify open research questions, and suggest directions for future work in order to advance AI-enabled DevSecOps.

KW - AI

KW - Comparative Analaysis

KW - DevSecOps

KW - Machine Learning

KW - Security automation

KW - Software Security

KW - Systematic Literarture Review

UR - https://www.scopus.com/pages/publications/105026934697

U2 - 10.1145/3727967.3756841

DO - 10.1145/3727967.3756841

M3 - Conference contribution

AN - SCOPUS:105026934697

T3 - Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025

SP - 142

EP - 151

BT - Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025

A2 - Babar, Muhammad Ali

A2 - Tosun, Ayse

A2 - Wagner, Stefan

A2 - Stray, Viktoria

PB - Association for Computing Machinery, Inc

Y2 - 17 June 2025 through 20 June 2025

ER -

Binbeshr F , Imam M. Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions. In Babar MA, Tosun A, Wagner S, Stray V, editors, Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025. Association for Computing Machinery, Inc. 2025. p. 142-151. (Proceedings of the 29th International Conference on Evaluation and Assessment in Software Engineering , EASE, 2025 edition, EASE Companion 2025). doi: 10.1145/3727967.3756841

Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this