{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,17]],"date-time":"2026-04-17T16:58:00Z","timestamp":1776445080721,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,17]]},"DOI":"10.1145\/3727967.3756841","type":"proceedings-article","created":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T11:53:17Z","timestamp":1766490797000},"page":"142-151","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Comparative Analysis of AI-Driven Security Approaches in DevSecOps: Challenges, Solutions, and Future Directions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8630-1784","authenticated-orcid":false,"given":"Farid","family":"Binbeshr","sequence":"first","affiliation":[{"name":"Interdisciplinary Research Center for Intelligent Secure Systems, King Fahd University of Petroleum and Minerals, Dhahran, Eastren Province, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9131-6964","authenticated-orcid":false,"given":"Muhammad","family":"Imam","sequence":"additional","affiliation":[{"name":"Computer Engineering Department, King Fahd University of Petroleum and Minerals, Dhahran, Saudi Arabia"}]}],"member":"320","published-online":{"date-parts":[[2025,12,23]]},"reference":[{"key":"e_1_3_3_1_2_2","doi-asserted-by":"crossref","unstructured":"Ahmed Bahaa Ahmed Abdelaziz Abdalla Sayed Laila Elfangary and Hanan Fahmy. 2021. Monitoring real time security attacks for IoT systems using DevSecOps: a systematic literature review. Information 12 4 (2021) 154.","DOI":"10.3390\/info12040154"},{"key":"e_1_3_3_1_3_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-50323-9_10"},{"key":"e_1_3_3_1_4_2","doi-asserted-by":"crossref","unstructured":"Nicolas\u00a0Guzman Camacho. 2024. Unlocking the potential of AI\/ML in DevSecOps: effective strategies and optimal practices. Journal of Artificial Intelligence General science (JAIGS) ISSN: 3006-4023 3 1 (2024) 106\u2013115.","DOI":"10.60087\/jaigs.v3i1.72"},{"key":"e_1_3_3_1_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/3578245.3584943"},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"publisher","unstructured":"Valentina Casola Alessandra De\u00a0Benedictis Carlo Mazzocca and Vittorio Orbinato. 2024. Secure software development and testing: A model-based methodology. Comput. Secur. 137 C (Feb. 2024) 16\u00a0pages. 10.1016\/j.cose.2023.103639","DOI":"10.1016\/j.cose.2023.103639"},{"key":"e_1_3_3_1_7_2","doi-asserted-by":"publisher","unstructured":"Valentina Casola Alessandra De Benedictis Massimiliano Rak and Umberto Villano. 2020. A novel Security-by-Design methodology: Modeling and assessing security by SLAs with a quantitative approach. Journal of Systems and Software 163 (2020) 110537. 10.1016\/j.jss.2020.110537","DOI":"10.1016\/j.jss.2020.110537"},{"key":"e_1_3_3_1_8_2","unstructured":"CASP. 2019. https:\/\/casp-uk.net\/wp-content\/uploads\/2018\/01\/CASP-Qualitative-Checklist-2018.pdf. Accessed: 2019-09-30."},{"key":"e_1_3_3_1_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/CNS48642.2020.9162317"},{"key":"e_1_3_3_1_10_2","unstructured":"Huiyao Dong and Igor Kotenko. 2025. Cybersecurity in the AI era: analyzing the impact of machine learning on intrusion detection. Knowledge and Information Systems (2025) 1\u201352."},{"key":"e_1_3_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/SANER56733.2023.00084"},{"key":"e_1_3_3_1_12_2","unstructured":"Michael Fu Jirat Pasuksmit and Chakkrit Tantithamthavorn. 2024. Ai for devsecops: A landscape and future opportunities. ACM Transactions on Software Engineering and Methodology (2024)."},{"key":"e_1_3_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/MIUCC55081.2022.9781709"},{"key":"e_1_3_3_1_14_2","doi-asserted-by":"publisher","unstructured":"Rupesh\u00a0Raj Karn Prabhakar Kudva and Ibrahim Abe\u00a0M. Elfadel. 2019. Dynamic Autoselection and Autotuning of Machine Learning Models for Cloud Network Analytics. IEEE Transactions on Parallel and Distributed Systems 30 5 (2019) 1052\u20131064. 10.1109\/TPDS.2018.2876844","DOI":"10.1109\/TPDS.2018.2876844"},{"key":"e_1_3_3_1_15_2","volume-title":"Guidelines for performing systematic literature reviews in software engineering","author":"Keele Staffs","year":"2007","unstructured":"Staffs Keele et\u00a0al. 2007. Guidelines for performing systematic literature reviews in software engineering. Technical Report. Technical report, Ver. 2.3 EBSE Technical Report. EBSE."},{"key":"e_1_3_3_1_16_2","doi-asserted-by":"publisher","unstructured":"Iman Kohyarnejadfard Daniel Aloise Seyed\u00a0Vahid Azhari and Michel\u00a0R. Dagenais. 2022. Anomaly detection in microservice environments using distributed tracing data analysis and NLP. J. Cloud Comput. 11 1 (Aug. 2022) 16\u00a0pages. 10.1186\/s13677-022-00296-4","DOI":"10.1186\/s13677-022-00296-4"},{"key":"e_1_3_3_1_17_2","doi-asserted-by":"publisher","unstructured":"Federico Lombardi and Alberto Fanton. 2023. From DevOps to DevSecOps is not enough. CyberDevOps: an extreme shifting-left architecture to bring cybersecurity within software security lifecycle pipeline. Software Quality Journal 31 2 (April 2023) 619\u2013654. 10.1007\/s11219-023-09619-3","DOI":"10.1007\/s11219-023-09619-3"},{"key":"e_1_3_3_1_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICECET55527.2022.9872968"},{"key":"e_1_3_3_1_19_2","doi-asserted-by":"publisher","unstructured":"Takao Okubo and Haruhiko Kaiya. 2022. Efficient secure DevOps using process mining and Attack Defense Trees. Procedia Comput. Sci. 207 C (Jan. 2022) 446\u2013455. 10.1016\/j.procs.2022.09.079","DOI":"10.1016\/j.procs.2022.09.079"},{"key":"e_1_3_3_1_20_2","doi-asserted-by":"crossref","unstructured":"Naveen Pakalapati Bhargav\u00a0Kumar Konidena and Ikram\u00a0Ahamed Mohamed. 2023. Unlocking the Power of AI\/ML in DevSecOps: Strategies and Best Practices. Journal of Knowledge Learning and Science Technology ISSN: 2959-6386 (online) 2 2 (2023) 176\u2013188.","DOI":"10.60087\/jklst.vol2.n2.p188"},{"key":"e_1_3_3_1_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/TELFOR56187.2022.9983681"},{"key":"e_1_3_3_1_22_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-29608-7_7"},{"key":"e_1_3_3_1_23_2","doi-asserted-by":"crossref","unstructured":"Roshan\u00a0N Rajapakse Mansooreh Zahedi M\u00a0Ali Babar and Haifeng Shen. 2022. Challenges and solutions when adopting DevSecOps: A systematic review. Information and software technology 141 (2022) 106700.","DOI":"10.1016\/j.infsof.2021.106700"},{"key":"e_1_3_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.5220\/0005492905510558"},{"key":"e_1_3_3_1_25_2","doi-asserted-by":"crossref","unstructured":"Subramonian\u00a0Krishna Sarma. 2020. Rider Optimization based Optimized Deep-CNN towards Attack Detection in IoT. Proceedings of the International Conference on Intelligent Computing and Control Systems (ICICCS 2020) (2020) 163\u2013168. https:\/\/ieeexplore.ieee.org\/document\/9120955","DOI":"10.1109\/ICICCS48265.2020.9121042"},{"key":"e_1_3_3_1_26_2","doi-asserted-by":"publisher","unstructured":"Subramonian\u00a0Krishna Sarma. 2022. Hybrid optimised deep learning-deep belief network for attack detection in the internet of things. Journal of Experimental & Theoretical Artificial Intelligence 34 4 (2022) 695\u2013724. 10.1080\/0952813X.2021.1924868 arXiv:10.1080\/0952813X.2021.1924868","DOI":"10.1080\/0952813X.2021.1924868"},{"key":"e_1_3_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA61755.2024.10710890"},{"key":"e_1_3_3_1_28_2","doi-asserted-by":"publisher","unstructured":"Catarina Silva Vitor\u00a0A. Cunha Jo\u00e3o\u00a0P. Barraca and Paulo Salvador. 2024. Privacy-Based Deployments: The Role of DevPrivOps in 6G Mobile Networks. IEEE Communications Magazine 62 6 (2024) 66\u201372. 10.1109\/MCOM.004.2300405","DOI":"10.1109\/MCOM.004.2300405"},{"key":"e_1_3_3_1_29_2","doi-asserted-by":"publisher","unstructured":"Gopalakrishnan Sriraman and Shriram R. 2024. Slide-block: End-to-end amplified security to improve DevOps resilience through pattern-based authentication. Heliyon 10 4 (2024) e26312. 10.1016\/j.heliyon.2024.e26312","DOI":"10.1016\/j.heliyon.2024.e26312"},{"key":"e_1_3_3_1_30_2","unstructured":"Krti Tallam. 2025. CyberSentinel: An Emergent Threat Detection System for AI Security. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2502.14966 (2025)."},{"key":"e_1_3_3_1_31_2","unstructured":"Naveen Vemuri. 2024. AI-Driven DevOps Practices for Healthcare Data Security and Compliance. International Journal of Intelligent Systems and Applications in Engineering 12 16s (2024) 297\u2013305. https:\/\/www.ijisae.org\/index.php\/IJISAE\/article\/view\/2200"}],"event":{"name":"EASE Companion '25: Evaluation and Assessment in Software Engineering","location":"Istanbul Turkiye","acronym":"EASE Companion '25"},"container-title":["Proceedings of the 2025 29th International Conference on Evaluation and Assessment in Software Engineering Companion"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3727967.3756841","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T12:07:48Z","timestamp":1766491668000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3727967.3756841"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,17]]},"references-count":30,"alternative-id":["10.1145\/3727967.3756841","10.1145\/3727967"],"URL":"https:\/\/doi.org\/10.1145\/3727967.3756841","relation":{},"subject":[],"published":{"date-parts":[[2025,6,17]]},"assertion":[{"value":"2025-12-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}