In a recent interview, Naresh Mehta, the Chief Technology & Innovation Officer of Tata Consultancy Services’ Manufacturing Business, discussed the revolutionary concept of “touchless” DevSecOps being spearheaded by GenAI. GenAI envisions a software development journey akin to a self-driving car, with AI managing navigation and optimization while humans monitor and intervene as needed. This raises questions about the feasibility of this approach and whether GenAI can truly help us achieve this vision.
One key question is whether touchless DevSecOps can be applied across all scenarios, including on-premises, hybrid, and native cloud environments. Another question is the timeframe for implementation – is this technology three years away, five years away, or even further down the line? Despite these uncertainties, Mehta highlights the potential of AI to transform key functions within the DevSecOps cycle.
One area where GenAI shows promise is in low-touch or zero-touch infrastructure provisioning. It can generate standardized infrastructure configurations, deploy them on cloud platforms, automatically scale based on demand, optimize resource allocation, and proactively monitor and resolve issues to ensure optimal performance. Additionally, GenAI can provide architectural assistance by proposing potential patterns based on requirements, optimizing existing patterns, and automating tasks like generating diagrams and configuration files.
Mehta also discusses the potential of AI in code generation and performance optimization. By leveraging existing code patterns and incorporating human review, GenAI can generate code, unit test cases, and documentation, as well as suggest improvements for security and performance through refactoring and optimization. He envisages a collaboration where developers act as composers and AI machines act as the band or orchestra, bringing their vision to life.
Automated testing and quality assurance are other areas where GenAI can make a significant impact. By generating comprehensive test cases, analyzing test results, detecting defects, and prioritizing issues based on severity, GenAI can guide developers towards addressing critical issues first. Furthermore, GenAI can play a proactive role in security by analyzing data to identify potential breaches, suggesting patches for vulnerabilities, and assisting in code scanning prioritization.
Finally, Mehta touches on the benefits, challenges, and considerations surrounding the adoption of GenAI in DevSecOps. While the technology offers increased efficiency, speed, reliability, and business agility, challenges relating to data quality, interpretability, security, and governance must be addressed. Despite these challenges, he expresses enthusiasm for unlocking the full potential of GenAI and invites others to share their thoughts on the timeline for its adoption.
