As we approached the year 2024, the time for the traditional technology introspective has arrived. In this post I thought I would do a little navel gazing, coupled with a touch of predictive soothsaying an AI, DevOps, DevSecOps and SRE.
2023 has been a very hard year for those engaged in technology roles, the level of redundancies had been unseen since the mass layoffs of 2008, and before that the 2001 Dotcom bubble burst. Many of my good friends have been on the shelf for several months. Personally, I too have not escaped this, being made redundant in April of 2023. To steal a phrase made by my former monarch Queen Elizabeth II in 1992. It has been my personal “annus horribilis”. I look forward to 2024 with the hope that it cannot be as bad this this one. Are we seeing, to use an often misquoted economics phase from Norman Lamont an erstwhile British Chancellor of the Exchequer the “green shoots of recovery”, I think so, inflation is down, I am receiving more calls from recruiters with roles with meaningful conversations rather than just obvious “CV Trawling”. Friends are finally gaining employment after long periods on the bench. Yes, 2023 is a year that is not worth commemorating.
So let’s look forward at what 2024 may bring from a technology perspective, the big standout technology of 2023 was AI; mainly in the form of ChatGTP to be fair, it hit in November 2022, with the release of ChatGPT3, as a limited access OpenAI project, that was trained on a ringfenced training model that only contained information upto to 2021, in March 2023, openAI released ChatGPT4 which had direct internet access and the AI train began to gain speed and the revolution truly began.
This is a technical transformation that may intrinsically affect how we all work and interact with technology. It could even be according to some “doomsayers” the end of times and that may eventually be the case, but not this year. Joking aside, the premise of this article is to envisage how 2024 will pan out, how the dynamic world of technology and software development is as we currently know and are witnessing will change our day-to-day working practices. We will examine our question with respect to the domains of DevOps, DevSecOps, and Site Reliability Engineering (SRE), to see how the integration of artificial intelligence (AI) is set to play a pivotal role in enhancing proficiency and effectiveness. The fusion of AI with these key areas holds the promise to dramatically alter how organizations manage their software development lifecycle, bolster security measures, and ensure operational stability.
How will AI impact DevOps?
We are already seeing Artificial Intelligence unofficially influence DevOps code creation, usurping the role of Google and Stackoverflow as the goto location for guidance. However, it has the capability to directly affect DevOps methodologies across all stages of a projects lifecycle. In the realm of coding, we are already seeing AI-assisted instruments enable developers to mechanize monotonous tasks, craft code snippets automatically, and through advanced static analysis tools, identify possible errors or security issues. This not only speeds up the development process but also improves the integrity and dependability of software products. When it comes to testing, AI revolutionizes traditional methods by utilizing algorithms that can sort through extensive data sets to unveil hidden patterns and anomalies. This innovation brings efficiency in creating test cases, automating their execution, and analyzing results—which enhances testing breadth and accelerates bug detection. In the context of CI/CD (Continuous Integration/Continuous Delivery), Artificial Intelligence refines these workflows by smartly tuning build configurations and preempting likely breakdowns. Additionally, it adeptly manages compute resources distribution for a more streamlined pipeline process—thereby shortening feedback loops, diminishing deployment dangers, and elevating overall workflow productivity. AI will also reinvent how software rollouts are managed by applying intelligent release management techniques. Employing predictive analytics powered by AI to evaluate diverse factors that affect deployment timing while pinpointing potential operational chokepoints; these systems can even automate countermeasures such as rollback strategies when post-deployment challenges arise—guaranteeing continuous service delivery with barely any disruption or adverse customer experience impact. In essence, AI is transforming DevOps practices through its ability to automate tasks strategically, support sophisticated release management approaches, and bolster testing efforts, resulting in improved organizational flexibility. As references supporting these opinions about AI’s impact on DevOps.
How will AI impact DevSecOps?
Next, we will move on the DevOps kissing cousin, DevSecOps, the potential impact of AI on DevSecOps processes and tooling is anticipated to be substantial, as it will enhance security measures, automate tasks, and enable more efficient operations. Within the CNAPP (Cloud Native Application Protection Platform) context, AI can be utilized to analyse and identify potential security threats in cloud-native applications in real time, offering proactive risk management and protection. Similarly, in the realm of CASB (Cloud Access Security Broker) and SASE (Secure Access Service Edge), AI is expected to play a critical role in identifying and responding to security risks across cloud environments for ensuring secure access and data protection. The incorporation of next-generation firewalls with AI capabilities will enable intelligent threat detection and response against sophisticated cyber-attacks. Automation is an area where the AI-driven revolution within DevSecOps will make a significant impact. By simplifying security processes such as vulnerability scanning, patch management, and incident response through intelligent automation powered by AI technology; organizations can achieve faster and more accurate threat mitigation. This transition will also allow human resources to concentrate on strategic security initiatives aimed at strengthening overall organizational security posture. In conclusion, the adoption of AI has the potential to transform DevSecOps by enhancing security measures while facilitating intelligent automation across various tools like CNAPP, CASB, SASE platforms alongside next-generation firewalls.
How will SRE be impacted by AI?
As with DevOps and DevSecOps the field of Site Reliability Engineering (SRE) is also anticipated to undergo a considerable transformation with many traditional tooling like Datadog, New Relic and Prometheus integrating Artificial Intelligence (AI) into their products to enhance decision making capabilities and automated response to threats. This evolution will encompass enhancements in critical SRE components such as Tracing, monitoring and log analysis, monitoring Service Reliability Objectives (SROs), and Service Reliability Indicators (SRIs), to ensure that they are being met. The incorporation of AI-driven capabilities like heightened automation, sophisticated predictive analytics, and more precise anomaly detection stands to augment the proficiency and effectiveness with which SREs can perform their duties. As AI technology continues its trajectory of rapid development, we can expect that SRE methodologies will advance in parallel, adapting to embrace these cutting-edge innovations. Companies like New Relic and Datadog have added the ability to trace the end to end service of AI providing insight in to decision making and usage, and DynaTrace have already have AI integration in the form of Davis, added to their product to enhance decision making and anomaly detection.
Summary
With regards to AI we still very early in the hype cycle, true intelligence and cognitive decision making is a long way off, but the rate of acceleration on features and capability is only increasing. Regarding AI and DevOps, DevSecOps and SRE, for me the most significant area where AI’s influence is expected to make a substantial influence is in predictive analytics within each paradigm’s orbit. By utilizing machine learning models, the teams in charge of development and ongoing operational management can predict issues that might arise within their delivery and lifecycle pipelines and as trust in the responses improves act pre-emptively with proactive solutions to mitigate the issues. This foresight will enable intervention at earlier stages, thereby decreasing the potential for performance or security issues, thus a product will have a more robust release cycle, greater operational security and stability.
Moreover, AI-infused automation, should once its capability has been proven and results are trusted, improve several aspects inherent to DevOps workflows by automating repetitive tasks – including code quality checks, integrity scans, or orchestration efforts; whilst delivering accuracy at an accelerated pace. Leveraging AI for automation not only allocates human talent towards critical thinking tasks but also minimizes chances of errors originating from manual intervention. You could argue that implemented a trusted AI is just another level in building zero human touch infrastructure and services that are repeatable.
In regards to cybersecurity incorporated into DevSecOps initiatives, AI will harness the power of real-time data analysis through sophisticated algorithms These capabilities will allow quicker monitoring of traces, logs and event trends for anomalous behaviours that are indicative of breaches, or bad-actor behaviour; thereby pre-empting threats which enhances protective measures responsiveness possible intrusions. Again this is predicated by trust.
In regards to SRE practices, the SRE team will benefit from an AI’s abilities to optimise system health signal deviations which should improve suggestions and indicators of impending downturns in performance or the ominous doom of an outage; this will allow the teams implement the necessary strategies to stabilise the environment and avoid any operational disruptions Additionally the improved speed that an AI can provide in expediting analytical troubleshooting will contribute to quickly finding the reasons for any incidents; thus potentially decreasing a SRE’s teams mean time repair and increasing reliability overall infrastructure. Again, this will all be predicated by trust in the responses that the AI’s are returning.
Finally, As we look ahead we as an industry must remain mindful of the potential complications and ethical considerations which arise out of automated decision making. We are already seeing more questions about the validity of information returned by AI’s such as ChatGPT and Bard, with worries about training bias, and hallucinogenic responses and answer that are just wrong and would be dangerous to implement without verification. It is for me personally this trust issue that is the most worrysome issue of increased AI dependence. It is a fact that as we automate investigations more amd more, the skills of the people doing troubleshooting will change. They will come to rely on AI results, without actually understanding the necessary workflow of the code snippet, pipeline, test, service trace etc. This to me is the biggest threat of AI, a dumbed down workforce who cannot understand what or how a decision has been made, they will therefore trust the result implicitly. As AI’s get more proficient and be implication appear “more intelligent”, they become the trusted advisor. We are already at the stage were the original developers of AI algorithms do not understand how a result is being generated as we trust more of our data handling to AI’s, factualy verification becomes more needed. Consequently, ongoing education, and re-education of the workforce is paramount to a ensure the successful adaptation that these cutting-edge intelligent technological products will offer.
Therefore, it’s imperative as we embark on future paths, management, senior leaders must remain conscious of and adhere to the principles of ethical use. These need to be coupled with a programme of continuous professional growth to underscore and maintain a balanced workforce, we will still need people to understand the nuts and bolts, those engineers will still need to recognise hallucinations. As AI improves, this need is only increased. blindly following a response is not acceptable, it is akin to “we were only following orders”.
Yes, AI has the potential to revolutionise how we do code, how we test, secure and operationally manage the lifecycle of a product or service, but to slightly misquote the late great Stan Lee “with great power comes greater responsibility”, 2024 is just the start of the journey, we have only, put on our walking boots and opened the door. The journey will be long and eventful, with many potential pitfalls, but pandora box has been opened and all that is now left in there is “hope”, I hope that we really do not mess this up, the biggest worry is that AI’s are trained by flawed humans, and we really do not have a good track record where decision making is concerned and I fear that old adage “sh1t in sh1t out” only now we can do it quicker.
