Skip to main content

SmartBear Tightens Integration Between AI Coding and Testing Tools

SmartBear this week revealed it is narrowing the divide between coding and testing by integrating its platform with artificial intelligence (AI) coding tools.

Sheryl Koenigsberg, senior vice president of product marketing at SmartBear, said integrations with AI coding tools from Anthropic, Atlassian, GitHub, and Amazon Web Services (AWS) will make it simpler for application developers to test code without having to exit the tools they use to create code.

Specific capabilities added to the SmartBear portfolio include a SmartBear Model Context Protocol (MCP) server for GitHub and connectors to ReadyAPI and Swagger for developers using Claude Code from Anthropic.

The overall goal is to reduce the level of friction that application developers might encounter as the volume of code being generated using AI coding tools continues to exponentially increase, said Koenigsberg. In the absence of that testing, the amount of technical debt that software engineering teams are accruing will soon become unsustainable, she added.

Mitch Ashley, vice president and practice lead for software lifecycle engineering at the Futurum Group, said the integrations provided by SmartBear pull testing inside the integrated development environment (IDE) where AI assistants generate code. That approach makes it possible to validate code at the cadence that code is now being created, he added.

Verification that sits outside the agent loop will otherwise accumulate as verification debt, noted Ashley.

While software engineering teams have been trying to shift more responsibility for testing further left for years, the need for application developers to test code before checking it into a DevOps pipeline has become more pressing. It’s not likely that shifting more responsibility for testing further left is going to eliminate the need for dedicated testing teams, but it should substantially reduce the number of issues that conspire to slow down the pace of application development.

It’s not clear how many DevOps teams are revisiting testing in the AI era, but a recent Futurum Group survey finds well over a third of organizations (37%) have adopted AI-assisted testing. In the absence of that testing, many of the return on investment (ROI) benefits provided by AI are negated if too much of the code being created winds up being rejected before being included in a build.

The challenge is that application developers today lack the context needed to review the code created by AI coding tools. As such, the need for AI tools to surface issues in code has become crucial at a time when developers are being asked to read massive amounts of code they personally did not create. Much of that code, in addition to containing any number of vulnerabilities, also tends to be more verbose than the code that humans would create.

The thing that DevOps teams need to remember is that asking an AI coding tool to test its own code is essentially asking it to grade its own homework. Software engineers need to make sure the AI agent that reviews code is based on a different large language model (LLM).

Regardless of the approach to testing AI code, the one thing that is certain is that shipping code faster doesn’t result in better software being deployed without testing.



from DevOps.com https://ift.tt/m1c0xWq

Comments

Popular posts from this blog

Shift Left to the Developer’s Machine: Building Local Git Security Gates 

A developer pushes one file. It contains an AWS access key left in a configuration block. Five minutes later, CI catches it. By then, the secret is in the remote repository, cached by mirrors and potentially forked. The developer rotates the key, scrubs the commit history and spends the rest of the afternoon on incident response. The real question isn’t how to clean up faster — it’s why the secret left the developer’s machine in the first place.   The Five-Minute Gap   Most engineering teams have invested in CI-based secret scanning . Tools such as GitHub Advanced Security, GitGuardian and TruffleHog’s CI integration catch leaked credentials in pull requests and pushed branches. This is good, but it’s also too late.   The GitGuardian 2026 State of Secrets Sprawl report found that 29 million secrets were detected on GitHub in 2025 alone — a 34% year-over-year increase and the largest single-year jump ever recorded. Worse, 64% of secrets leaked back in 202...

Building a Security Feedback Process for DevOps

The last few years have seen some major slip-ups in the security space among all major cloud providers, resulting in uncertainty and speculation. That’s understanding; cloud security is an extremely complicated subject as enterprises build and deploy applications faster than ever before to keep up with business requirements. Most of the security issues that occur […] The post Building a Security Feedback Process for DevOps appeared first on DevOps.com . from DevOps.com http://bit.ly/2L1DS7t

Newly Appointed CloudBees CEO Charts Agentic AI Engineering Course

The newly appointed CEO of CloudBees, Mo Plassnig, says that as the agentic artificial intelligence (AI) era dawns, the time has come to reinvent software engineering in a way that moves beyond human-centric tooling. Plassnig, who earlier this month succeeded Anuj Kapur, joins CloudBees from Immuta, a provider of a data security and governance platform, where he served as chief product officer. However, Plassnig was also one of the founders of Codeship, a provider of a hosted continuous integration and continuous delivery (CI/CD) platform that CloudBees acquired in 2018. As the way applications are built and deployed fundamentally changes, DevOps workflows will need to evolve to accommodate massive amounts of code that is being generated by both professional developers and, increasingly, so-called citizen developers, said Plassnig. In fact, writing code is no longer a constraint, he added. Before too long, end users will routinely express an intent that will be converted into a set ...