Hussein A. Al-Hashimi , Rafiq Ahmad Khan , Hathal S. Alwageed , Asaad M. Algarni , Sarra Ayouni , Alaa Omran Almagrabi
{"title":"Exploring the role of generative AI in enhancing cybersecurity in software development life cycle","authors":"Hussein A. Al-Hashimi , Rafiq Ahmad Khan , Hathal S. Alwageed , Asaad M. Algarni , Sarra Ayouni , Alaa Omran Almagrabi","doi":"10.1016/j.array.2025.100509","DOIUrl":null,"url":null,"abstract":"<div><h3>Context</h3><div>The rapid integration of Generative AI (GenAI) technologies in various sectors has introduced new opportunities and challenges. One of the areas where GenAI is gaining prominence is cybersecurity, particularly within the Software Development Life Cycle (SDLC). As cyber threats evolve, there is a growing need to explore innovative solutions to mitigate vulnerabilities during software development.</div></div><div><h3>Objectives</h3><div>This study investigates the role of GenAI in enhancing cybersecurity in the SDLC. It examines current security practices, recent advancements in AI-driven security solutions, and the potential of GenAI to strengthen threat detection, vulnerability management, and risk mitigation. Additionally, the research identifies key opportunities and challenges associated with integrating GenAI into SDLC processes, highlighting its implications for secure software development and future industry practices.</div></div><div><h3>Methods</h3><div>This research employs a mixed-methods approach to investigate the role of GenAI in cybersecurity. Specifically, it combines a Systematic Literature Review (SLR) with questionnaire-based data collection targeting software development and cyber defense experts. The SLR aims to identify prevailing themes and gaps, while the questionnaire gathers insights from IT professionals about their experiences and perspectives on GenAI systems.</div></div><div><h3>Results</h3><div>Our research shows that GenAI technology enhances SDLC security by supporting development through vulnerability detection, threat modeling, secure coding practices, and incident response. However, our review shows that AI adoption introduces ethical risks alongside reliability issues with AI-created results and challenges to integrate it into standard development methods.</div></div><div><h3>Conclusion</h3><div>The integration of GenAI into the SDLC offers significant potential for enhancing cybersecurity. While challenges such as algorithm transparency and the need for skilled professionals remain, the benefits of AI in proactive threat detection and response make it a promising tool for future cybersecurity strategies in software development.</div></div>","PeriodicalId":8417,"journal":{"name":"Array","volume":"28 ","pages":"Article 100509"},"PeriodicalIF":4.5000,"publicationDate":"2025-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Array","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2590005625001365","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
Abstract
Context
The rapid integration of Generative AI (GenAI) technologies in various sectors has introduced new opportunities and challenges. One of the areas where GenAI is gaining prominence is cybersecurity, particularly within the Software Development Life Cycle (SDLC). As cyber threats evolve, there is a growing need to explore innovative solutions to mitigate vulnerabilities during software development.
Objectives
This study investigates the role of GenAI in enhancing cybersecurity in the SDLC. It examines current security practices, recent advancements in AI-driven security solutions, and the potential of GenAI to strengthen threat detection, vulnerability management, and risk mitigation. Additionally, the research identifies key opportunities and challenges associated with integrating GenAI into SDLC processes, highlighting its implications for secure software development and future industry practices.
Methods
This research employs a mixed-methods approach to investigate the role of GenAI in cybersecurity. Specifically, it combines a Systematic Literature Review (SLR) with questionnaire-based data collection targeting software development and cyber defense experts. The SLR aims to identify prevailing themes and gaps, while the questionnaire gathers insights from IT professionals about their experiences and perspectives on GenAI systems.
Results
Our research shows that GenAI technology enhances SDLC security by supporting development through vulnerability detection, threat modeling, secure coding practices, and incident response. However, our review shows that AI adoption introduces ethical risks alongside reliability issues with AI-created results and challenges to integrate it into standard development methods.
Conclusion
The integration of GenAI into the SDLC offers significant potential for enhancing cybersecurity. While challenges such as algorithm transparency and the need for skilled professionals remain, the benefits of AI in proactive threat detection and response make it a promising tool for future cybersecurity strategies in software development.