The potential of LLM-generated reports in DevSecOps
Nikolaos Lykousas, Vasileios Argyropoulos, Fran Casino

TL;DR
This paper investigates how large language models can generate impactful security reports in DevSecOps, reducing alert fatigue and improving response to security threats by providing clear, motivating insights.
Contribution
It introduces the use of LLMs for generating security reports that highlight financial impacts, enhancing developer responsiveness in DevSecOps workflows.
Findings
LLM-generated reports increase the likelihood of immediate security action
Reports emphasize financial impact to motivate response
Integration reduces alert fatigue in DevSecOps teams
Abstract
Alert fatigue is a common issue faced by software teams using the DevSecOps paradigm. The overwhelming number of warnings and alerts generated by security and code scanning tools, particularly in smaller teams where resources are limited, leads to desensitization and diminished responsiveness to security warnings, potentially exposing systems to vulnerabilities. This paper explores the potential of LLMs in generating actionable security reports that emphasize the financial impact and consequences of detected security issues, such as credential leaks, if they remain unaddressed. A survey conducted among developers indicates that LLM-generated reports significantly enhance the likelihood of immediate action on security issues by providing clear, comprehensive, and motivating insights. Integrating these reports into DevSecOps workflows can mitigate attention saturation and alert fatigue,…
