Latest news with #DevSecOps
Forbes
4 days ago
- Business
- Forbes
GenAI Won't Fix A Broken Cloud
Hrushikesh Deshmukh, Senior Consultant, Fannie Mae. Generative AI (GenAI) has rapidly become the backbone of current digital transformation. This is driving chatbots, automating code and providing predictive insights at scale. If your cloud infrastructure is fragmented, your teams are disjointed or your workflows are patchwork-based, AI will only amplify the dysfunction that exists. As AI is a driver of advancement, organizations first need to address the cultural and architectural flaws that constrain them. Absent this foundation, AI is noise rather than value. Most corporate executives see GenAI as a magic key to increased productivity, creativity and efficiency in operations. There is a common assumption that having AI deployed will yield revolutionary results. But without the right foundations, AI solutions often end up being superficial and unreliable: • Cloud infrastructures are too complex and insufficiently documented to integrate and scale easily. • DevSecOps pipelines are unreliable and lack good observability, which lowers reliability and response time. • Information is still siloed, replicated and stale, compromising AI efficiency and precision. • FinOps processes are reactive instead of proactive, generating runaway expenses and inefficiencies. To truly unlock GenAI's potential, organizations must first address these foundational weaknesses. GenAI can be revolutionary, but it is not a cure-all solution on its own. It is an additional layer on top of all the things that architecture already accomplishes. Only 15% of organizations that deployed AI at scale experienced sustained gains in their operating models, one of the reasons being poor architectural readiness. Businesses need to concentrate on the following architectural pillars: • Modular, API-Driven Microservices: These provide flexibility and interoperability and make it easy for AI components to integrate into current systems. • Event-Driven, Scalable Infrastructure: AI workloads can be unpredictable, spiking without warning. • Unified Observability And AIOps: Unified observability solutions plus AIOps provide real-time monitoring, speed of issue identification and root-cause determination. • Secure Data Governance And Policy-As-Code Enforcement: Data is the main source for GenAI, and its compliance, quality and accessibility all impact model performance. Cloud architecture needs to be viewed as a living, dynamic system—not a fixed deployment. It must be optimized continually to accommodate shifting workloads, governance requirements and new AI tools emerging. While cloud architecture is the body that enables AI, organizational culture is the nervous system that decides how well it works. More than 70% of AI projects fail, most often due to cultural and organizational factors rather than technological issues. Businesses need to go through a cultural shift. This entails changing both mindset and operational behavior: • From Ticket-Based Support To Self-Service And Platform Thinking: Enabling teams to resolve issues on their own and get access to tools without waiting enables faster innovation and less friction. • From Siloed Responsibilities To Cross-Functional Accountability: AI projects need to involve IT, data science, business operations and compliance teams collaborating around common goals. • From "Build Fast, Fix Later" To "Design Smart, Scale Responsibly": Careful planning is required with AI. Short-term thinking can result in badly tested models, breaches and scalability problems. Culture is key to how GenAI is adopted, regulated and scaled. Organizations that value collaboration, exploration and responsibility will be better positioned to develop AI practices that are both successful and sustainable. To provide true value with GenAI, companies can start with a serious evaluation of their cloud infrastructure. AI can flourish only when developed on agile, transparent and scalable infrastructure. Enterprises should pose important questions before implementing GenAI: • Is the cloud architecture optimized for speed, cost management and visibility? • Are CI/CD and MLOps pipelines dynamic enough to accommodate changing AI workloads? • Can teams make AI insights operational fast or are they slowed down by manual work? • Have strong policies for the ethical, explainable and responsible use of AI been put in place? Cloud transformation is not a choice; it is a necessity. Only by restructuring their infrastructure, optimizing operations and building in responsible practices can companies realize the full, sustainable potential of AI. While cultural and organizational factors are a common reason AI projects fail, data-related issues are another major obstacle to success. GenAI systems are only as reliable as the data they're built on. To ensure trustworthy and accurate outputs, organizations must take a disciplined approach to data management, including: • Ensuring data consistency and integrity across sources and systems • Implementing metadata control and maintaining data lineage for traceability • Centralizing data catalogs to support discoverability and reuse • Enforcing access controls and policy-based governance to protect sensitive information • Regularly auditing data for freshness, accuracy and relevance To unlock real value from GenAI, businesses must treat data as a managed, strategic asset—not an afterthought. If your systems are fragmented and your culture lacks cohesion, AI will only accelerate the dysfunction. Organizations must resist the urge to chase AI blindly without first addressing foundational flaws. No level of intelligence, however advanced, can compensate for poor design or a misaligned vision. Build it right first and then let AI amplify your success from there. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Forbes
4 days ago
- Business
- Forbes
Deterministic AI: The Silent Architect Of The DevSecOps Revolution
Ian Amit, CEO & Co-Founder at Gomboc AI. getty In the high-stakes arena of modern software development, where speed and security collide, a quiet revolution is unfolding. While GenAI dominates headlines with its creative potential, a less glamorous but far more reliable force—deterministic AI—is reshaping DevSecOps from the ground up. This isn't about flashy demos or speculative innovation; it's about engineering resilience into the DNA of cloud infrastructure. DevSecOps thrives on consistency. A single misconfigured cloud resource or unchecked vulnerability can cascade into catastrophic breaches, regulatory penalties and reputational ruin. GenAI, for all of its promise, operates as a "black box," producing outputs that vary in quality and compliance. This inherent unpredictability renders it a poor fit for environments where audit trails and repeatable processes are non-negotiable. Deterministic AI, by contrast, is purpose-built for precision. It enforces codified security policies such as CIS benchmarks or NIST frameworks directly within infrastructure as code (IaC) templates. Automating compliance checks before deployment eliminates the human error that plagues manual reviews. From my experience, early adopters have reported significant reductions in misconfigurations, turning compliance from a reactive scramble into a seamless byproduct of development. Gartner, Inc.'s June 2024 AI Hype Cycle positioned GenAI at the "peak of inflated expectations"—reflecting intense publicity but unproven reliability in high-risk domains like cybersecurity. In contrast, knowledge graphs (which are foundational to deterministic AI systems) appear on the "slope of enlightenment." This divergence signals that while AI in cybersecurity broadly remains in flux, deterministic approaches leveraging contextual reasoning and audit trails are advancing toward the "plateau of productivity" faster than their generative counterparts. Consider threat mitigation: Deterministic AI doesn't just flag vulnerabilities—it auto-remediates them using documented and traceable logic, significantly reducing mean time to repair (MTTR). In regulated environments governed by frameworks like HIPAA or GDPR, predictability and auditability are mission-critical. Deterministic AI transforms IaC into an enforceable contract between development and security. By embedding policy-as-code guardrails directly into CI/CD pipelines, it automates compliance for cloud configurations—from S3 bucket permissions to Kubernetes hardening. The broader takeaway? Deterministic AI represents operational discipline at scale, not speculative innovation. Deterministic AI won't generate poetry or go viral on social media. Its strength lies in what it doesn't do: surprise you. In an era where both regulators and attackers exploit ambiguity, deterministic systems deliver the audit trails, consistency and compliance rigor that enterprises demand. The only surprise might be just how much institutional knowledge it quietly codifies into every fix and policy enforcement. Gartner's Hype Cycle trajectory confirms this shift. The placements of GenAI and knowledge graphs position deterministic approaches as first-movers toward the "plateau of productivity" in cybersecurity AI. For DevSecOps teams, this means bypassing hype for solutions that deliver provable, repeatable outcomes—exactly where deterministic systems excel. Despite its clear advantages, deterministic AI hasn't yet become a default tool in most DevSecOps stacks. Based on conversations with industry leaders and firsthand implementation efforts, a few reasons are: • Adoption Friction: Integrating deterministic AI into existing CI/CD pipelines and workflows requires upfront effort. It demands tight policy definitions and a cultural shift toward proactive security. • Cost And Resourcing: Some teams—especially those without dedicated DevSecOps roles—view the implementation as resource-intensive in the short term, even if it pays dividends in the long term. • Change Management: Developers can be wary of tools that enforce "hard rules," especially if the system is perceived as slowing them down. Ensuring the AI augments rather than obstructs their workflow is crucial for success. • Lack Of Awareness: GenAI's broader brand recognition means deterministic approaches often get overlooked, even when they're a better fit for secure infrastructure automation. To drive wider adoption, the industry needs more education around deterministic models, clearer case studies and user-friendly integrations that make the transition smoother. To be clear, GenAI isn't without merit in the DevSecOps ecosystem. It shines in exploratory and documentation-heavy tasks—writing policy drafts, generating code scaffolding or summarizing security reports. For early-stage teams or lean security functions, it can accelerate ideation or provide a baseline for manual review. The key is knowing where GenAI ends and deterministic AI begins. When compliance, traceability and precision are at stake, deterministic systems can offer the reliability that GenAI simply can't guarantee today. The future of DevSecOps belongs to architectures that marry innovation with accountability. Deterministic AI isn't a replacement for generative models but a necessary counterbalance—a silent architect ensuring that the rush to innovate doesn't outpace the imperative to secure. Organizations navigating the complexities of cloud-native development should invest in systems that prioritize precision over novelty. In cybersecurity, there's no glory in being creative—only in being right. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Yahoo
4 days ago
- Business
- Yahoo
Canaccord Maintains Buy on GitLab (GTLB), Cuts PT
GitLab Inc. (NASDAQ:GTLB) is one of the 10 stocks that Jim Cramer and analysts are watching. On June 12, Canaccord cut the stock's price target on the company from $78 to $76 while maintaining a Buy rating. The firm noted that the company delivered solid Q1 results, with revenue growing 27% and stronger-than-expected profits driven by 12% operating margins, marking a 1,440 basis point improvement from last year. Canaccord sees growing momentum in AI-driven code development as a sign of ongoing investment in DevSecOps platforms and considers GitLab (NASDAQ:GTLB) a leading player in this space. A team of software engineers working together in an open office, developing innovative solutions. On June 11, Cramer showed bearish sentiment toward GitLab Inc. (NASDAQ:GTLB) and the broader enterprise software industry, as he said: 'Yeah, I thought that GitLab, frankly, I was prepared for disappointment, and I got it. This kind of collaborative software, enterprise software stock, I don't want right now… You know, I like an Oracle, which is going up, but that's data center. I don't want, I just do not want enterprise software. I think they're all too expensive.' GitLab (NASDAQ:GTLB) provides a platform that helps organizations plan, build, secure, and launch software. The company supports every step of the development process and also offers training and support services. While we acknowledge the potential of GTLB as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: The Best and Worst Dow Stocks for the Next 12 Months and 10 Unstoppable Stocks That Could Double Your Money. Disclosure: None. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Techday NZ
4 days ago
- Business
- Techday NZ
Circumvent raises $6 million to advance proactive AI cloud security
Circumvent has secured $6 million in early-stage funding to advance the development and commercial rollout of its proactive cloud security platform. This investment has been led by Paladin Capital Group, an investor focused on cybersecurity and secure artificial intelligence, and will enable Circumvent to launch its multi-agent AI system designed to assist cloud and security teams with managing and resolving security alerts across complex infrastructures. Platform approach Circumvent's platform addresses the challenge faced by organisations overwhelmed by high volumes of alerts originating from multiple security tools in their cloud infrastructure and application environments. The system uses artificial intelligence and machine learning to ingest, correlate, and enhance alerts from a broad set of cloud-native, open-source, and third-party sources. By connecting these alerts with up-to-date business context, Circumvent aims to streamline risk prioritisation and allow teams to focus on source-level remediation tasks that are most critical to their operations. Circumvent was founded by Michael Watts and Thomas Bui. Watts previously established Cloud Conformity, a former Paladin Capital Group portfolio company that was acquired by Trend Micro in 2019. Bui, now Chief Technology Officer at Circumvent, brings experience from the banking sector, government, and a previous tenure at Uber. The co-founders have worked together in the past, building technology products targeted at complex business challenges. Multi-Agent AI system At the core of Circumvent's solution is a Multi-Agent AI System. This is described as a coordinated network of intelligent agents responsible for managing prioritisation and remediation activities at large scale. These agents are designed to act autonomously, adapting to each customer's specific cloud environment and supporting what Circumvent terms a guided remediation experience. The company reports that it is currently partnering with several large enterprises across the United States, Australia, and New Zealand, particularly those with significant cloud infrastructure on AWS, Azure, and Google Cloud. "Security and cloud teams are under immense pressure to move fast without increasing risk," said Michael Watts, co-founder and CEO of Circumvent. "We're not just generating more alerts—we're building the intelligence layer that helps teams understand what to fix, why it's important, and how to take immediate action to resolve the root cause." Thomas Bui, co-founder and CTO, stated, "By aligning alerts with real-time business context, Circumvent ruthlessly prioritises risks, identifies root causes, and enables engineering teams to take precise, targeted remediation actions at the source. The platform is built to integrate seamlessly into existing DevSecOps workflows, improving security efficiency without slowing innovation." Funding allocation The funding from Paladin Capital Group will be used to accelerate product development and support early engagement with customers. Part of the investment will also fund the establishment of Circumvent's new commercial headquarters in San Francisco, while continuing to base its research and development activities in Australia. The San Francisco office is expected to underpin Circumvent's expansion into the United States and increased global outreach. "We're thrilled to be working again with Michael Watts and the exceptional founding team at Circumvent," said Tom Clute, Principal at Paladin Capital Group. "Our mission is to support entrepreneurs who are transforming cybersecurity through innovation from the ground up. Circumvent is addressing one of the most critical challenges in cloud security today: closing the gap between identifying risks and driving effective, scalable remediation." Company operations Circumvent reports that its solution is intended to automate the triage and prioritisation of alerts, minimising manual intervention and addressing alert fatigue among security operations staff. The platform aims to deliver remediation recommendations with human verification, allowing security teams to address risks more efficiently and at their source. With this funding, Circumvent and Paladin Capital Group are seeking to address what they describe as a significant shortfall in the current market: the ability for enterprises to not only identify risks in the cloud but also to remediate them effectively and at scale.
Yahoo
12-06-2025
- Business
- Yahoo
Gitlab Shares Fall Despite Q1 Earnings Beat, Revenues Up Y/Y
GitLab GTLB reported first-quarter fiscal 2026 non-GAAP earnings of 17 cents per share, beating the Zacks Consensus Estimate by 13.33%. The company reported earnings of 3 cents per share in the year-ago revenues of $214.4 million beat the consensus mark by 0.91% and rallied 27% year over year. The upside can be attributed to strong demand for its DevSecOps shares dropped 13.01% in pre-market trading due to mounting competition in AI code generation and lingering public sector uncertainty. Subscriptions, self-managed and SaaS (90.7% of total revenues) revenues increased 28.6% year over year to $194.5 million, beating the Zacks Consensus Estimate by 3.33%. License, self-managed and other revenues (9.3% of total revenues) rose 11.2% year over year to $20 revenues contributed 30% to total revenues and surged 35% year over year, driven by the strong adoption of GitLab Dedicated, AI integration and expanding customer engagement. GitLab Inc. price-consensus-chart | GitLab Inc. Quote Customers with more than $5K of Annual Recurring Revenue (ARR) increased to 10,104, up 13% year over year. Customers with more than $100K of ARR increased to 1,288, up 26% year over year, demonstrating GTLB's ability to attract and retain large enterprise dollar-based Net Retention Rate was 122% in the reported Remaining Performance Obligation (RPO) surged 40% year over year to $955.1 million. The current RPO increased 34% to $584.8 the reported quarter, GitLab announced the general availability of GitLab 18, featuring major innovations across core DevOps workflows, security and compliance, and AI capabilities natively integrated into the platform. The company also announced the general availability of GitLab Duo with Amazon Q for Ultimate self-managed customers on AWS and achieved FedRAMP Moderate Authority to Operate for GitLab Dedicated for Government, under the sponsorship of the GSA. On a non-GAAP basis, research & development expenses increased 22.3% year over year to $51.1 million. Sales and marketing expenses were up 15.1% to $85.5 million. General and administrative expenses declined 25.3% to $30.7 million in the reported income was $26.1 million on a non-GAAP basis compared with the year-ago quarter's loss of $3.8 million. As of April 30, 2025, cash and cash equivalents and short-term investments were $11.05 billion compared with $9.92 billion as of Jan. 31, the reported quarter, the company generated a cash flow from the operation of $106.3 million compared with an operating cash outflow of $63.2 million in the previous of April 30, 2025, the adjusted free cash flow was $104.1 million compared with $62.1 million as of Jan. 31, 2025. For the second quarter of fiscal 2026, GitLab expects revenues between $226 million and $227 million, indicating approximate growth of 24% year over year. The Zacks Consensus Estimate for revenues is currently pegged at $225.27 operating income is expected to be in the range of $23-$24 million for the fiscal second fiscal second quarter earnings are expected to be between 16 cents per share and 17 cents per share. The consensus mark for the same is pinned at 15 cents per share. (Find the latest EPS estimates and surprises on Zacks Earnings Calendar.)For fiscal 2026, GitLab expects revenues between $936 million and $942 million, indicating growth of approximately 24% year over year. The Zacks Consensus Estimate for the same is pegged at $936.51 operating income is expected to be in the range of $117-$121 million for fiscal 2026. Non-GAAP earnings are expected to be between 74 cents per share and 75 cents per share. The consensus mark for fiscal 2026 earnings is pinned at 70 cents per share. Currently, Gitlab has a Zacks Rank #2 (Buy).Karooooo KARO, Amphenol APH and Pegasystems PEGA are some other top-ranked stocks in the broader Zacks Computer & Technology Amphenol and Pegasystems sport a Zacks Rank #1 (Strong Buy) each at present. You can see the complete list of today's Zacks #1 Rank stocks shares have appreciated 32.8% in the year-to-date (YTD) period. The Zacks Consensus Estimate for KARO's fiscal 2026 earnings has been revised upward by 2 cents to $1.82 in the past 30 days, suggesting year-over-year growth of 11.66%.Amphenol shares have returned 33.2% YTD. The Zacks Consensus Estimate for APH's 2025 earnings is pegged at $2.66 per share, up by a penny over the past 30 days, suggesting a growth of 40.74%.PEGA shares have gained 8.7% YTD. The Zacks Consensus Estimate for PEGA's 2025 earnings is pegged at $3.61 per share, implying a rise of 19.14% year over year. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Amphenol Corporation (APH) : Free Stock Analysis Report Pegasystems Inc. (PEGA) : Free Stock Analysis Report Karooooo Ltd. (KARO) : Free Stock Analysis Report GitLab Inc. (GTLB) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
