
How to Securely Take Advantage of Generative AI

by John Campbell, June 29th, 2023

Generative artificial intelligence (AI) has garnered attention in the software development ranks for its ability to produce software that appears to be of high quality. But along with the promise of increased productivity from new code generation tools comes increased risks.


How does an organization take advantage of this productivity increase while eliminating or mitigating the risks? First, let’s look at some of the risks of using generative AI:


  • Inadvertent Vulnerabilities – Code generated by generative AI may inadvertently contain vulnerabilities. These tools may use a large language model (LLM) that has been trained on code of dubious origin and, as is often said, garbage in, garbage out.
  • IP Ownership Complexity – The resolution of intellectual property rights, copyright, and ownership pertaining to AI-generated code is still an ongoing process. For instance, when utilizing AI-generated code trained on open-source software, failing to adhere to the license requirements of that software may constitute a copyright violation. As generative code continues to evolve, it is expected that the intricacies surrounding these issues will become clearer, but it may require time and legal precedents to establish more definitive guidelines.
  • Code Quality Concerns – AI-generated code may not meet the reliability, scalability and quality required, and generative AI models can produce code that is difficult to understand or explain. An important maintenance consideration is to ensure that code is well-designed and documented.


While there are risks in using generative AI, with proper guidance it can increase developer productivity. Many developers already feel that generative AI is another essential tool.

Here are a few guidelines that may help minimize the risks of generative AI while providing productivity benefits:


  • Consider generative AI as your coding partner – But a junior one. You should maintain a good amount of skepticism about the generated code and be vigilant to confirm quality.
  • Always review AI-generated code – Generative AI produces results that seem coherent and convincing but aren’t always correct. Don’t take AI-generated code for granted. All code should be reviewed and tested prior to use.
  • Be careful of revealing confidential information via AI prompts – Although many services claim that customer prompts aren’t used for model training, you have limited ability to know exactly how services handle customer information.
  • Establish the basics – Understanding how to properly utilize generative AI is crucial for obtaining optimized results. Users should familiarize themselves with the fundamentals of prompt engineering.
  • Strong people and process – The best defense for eliminating code vulnerabilities is still a well-trained development staff and a well-engineered software supply chain. It is crucial for developers to be trained in recognizing and addressing vulnerabilities, ensuring that generative AI does not become an unintentional source of insecure code.


Generative AI has become an invaluable tool for many developers, who recognize its benefits. Instead of outright prohibiting its use due to associated risks, it is more effective to establish a clear and concise set of guidelines that developers can adhere to. By doing so, we can strike a balance between leveraging generative AI for increased productivity and mitigating potential risks.