Can you rely on ChatGPT for secure coding?
If you have come across any of social media "Stop harassingChatGPT" posts, or maybe tried to check its limits, you are aware that sometimes it may struggle with basic math and simple logic. This is totally understandable having in mind that it was educated on people's historical and current collective writing worldwide and unfortunately, it's still not the robot butler that you've been dreaming of. The problem is that it often presents entirely false facts with a confidence of a four-year-old in a Batman costume.
While it can be a great learning tool in some cases when you need some complex subjects simplified, you must remember its biased behavior and
never fully rely on the data it provides. This is especially important when it comes to coding, since there are a lot of security issues to be aware of.
Where ChatGPT fails to support you in coding
• It doesn't have enough data for the ever-evolving secure coding best practices. ChatGPT is not updated with the latest threats, vulnerabilities,and attacks, as it is not linked to any cybersecurity framework.
• Chat GPT cannot guarantee about misconfiguration issues, as it is also the biggest flaw in human coding.
• It cannot perform security review of the code, nor to ensure authenticity of external data sources.
• It has no advanced secure coding capabilities to make assessment of the code in terms of weakness and vulnerability.
• There is no assurance for the safety of the code it produces since it is not designed to take account of the saved data it generates. This can
impose a threat for the IT ecosystem where you plan to deploy it. Think about API keys, tokens, login pairs and log entries.
How to leverage AI in secure coding
AI-powered tools can help you address potential security flaws in the code you build. But the result is only as good as the developer’s intentions and depth of understanding. So, if you are a coding newbie without full knowledge of how coding works and how to secure it, you'll haveto improve your understanding of coding and cybersecurity to take full advantage of AI coding and AI secure coding solutions.
Technology is here to make things easier, and it would be foolish not to use it as support. However, the only smart way to gowith it at this point is to be open to learning how to useChatGPT or any other AI tool but invest in developing your other skills, too. Remember that people are still the pillars of fully working coding solutions.