TL;DR: AI is moving through planning, coding, testing, security, deployment, and agent orchestration across the SDLC, while humans retain priorities, accountability, and final judgment, according to Backslash Security. Legacy AppSec models are too slow for AI-native delivery, and governance now has to follow the pace of AI-assisted execution.
At a glance
What this is: This is a Backslash Security analysis of how AI is reshaping every stage of the SDLC and shifting developers toward higher-order oversight.
Why it matters: It matters because IAM, NHI, and security teams now have to govern AI-assisted workflows, agentic endpoints, and the identity assumptions embedded in modern delivery pipelines.
👉 Read Backslash Security's analysis of how AI reshapes the SDLC
Context
AI is no longer just writing code. In modern software delivery, it participates in planning, architecture, testing, security, deployment, and orchestration across the software development lifecycle, which changes where identity and governance controls need to sit.
The governance gap is that traditional AppSec and delivery controls were built for human-paced work. As AI systems speed up execution and keep pipelines running continuously, teams have to rethink how accountability, oversight, and risk decisions are enforced across the development chain.
Key questions
Q: How should security teams govern AI-assisted software development pipelines?
A: Treat AI-assisted delivery as a governed decision system, not just a productivity layer. Define which actions are advisory, which require approval, and which are prohibited in code generation, review, testing, and deployment. The goal is traceability around human judgment, so security teams can see where risk was accepted and by whom.
Q: Why do AI agents complicate SDLC security controls?
A: AI agents compress work cycles, preserve context, and can trigger follow-on actions faster than manual review can react. That makes timing, handoffs, and approval boundaries part of the control problem. If a control assumes a human will always observe the intermediate state, it will fail in an AI-native pipeline.
Q: What breaks when code review is heavily automated with AI?
A: What breaks first is not the ability to detect issues, but the ability to preserve judgment. AI can flag style, logic, and some security defects, yet it cannot own architectural tradeoffs, business context, or exception handling. If teams accept model output too quickly, they create the illusion of review without real accountability.
Q: Who should be accountable when AI changes a deployment decision?
A: The engineering organisation remains accountable, even if an AI system predicts failure or recommends rollback. Human owners need clear release policy, blast-radius tolerance, and escalation criteria before automation is allowed to intervene. Without that, AI becomes a decision surface without a responsible operator.
Technical breakdown
AI-assisted planning and requirements synthesis
AI can ingest tickets, retrospective notes, user feedback, and product briefs to turn messy inputs into structured requirements. That helps teams detect contradictions, missing dependencies, and unrealistic scope earlier than manual review alone. The technical shift is that requirements analysis becomes machine-accelerated but not machine-owned. AI can rank signals and expose patterns, but business priority still sits outside the model. In practice, this changes the control point from document review to governance over how requirements are formed, validated, and approved.
Practical implication: require human sign-off on high-impact requirements, especially where AI has synthesized the source material.
Agent orchestration in the SDLC
Orchestrator agents coordinate specialized agents across the SDLC by routing tasks, preserving context, reconciling outputs, and escalating uncertainty. That is different from simple automation because the orchestrator is managing a live work graph, not just executing a fixed workflow. In identity terms, the important question is which actions are pre-authorised and which are decided at runtime. Once agents begin chaining work across stages, the control surface expands from individual tools to the relationships between agents, approvals, and shared context.
Practical implication: inventory which agents can hand work to other agents and define where approval boundaries still apply.
Shift-left security and AI-guided remediation
AI is making shift-left security more practical by surfacing vulnerabilities, compliance gaps, and likely exploit paths during development rather than after release. It also changes remediation from a delayed ticketing model to real-time feedback inside IDEs, pull requests, and CI pipelines. The technical benefit is speed, but the risk is over-trusting machine-generated guidance without validating exploitability or business impact. Security still needs policy, triage, and exception handling, even when detection becomes continuous.
Practical implication: connect AI-based findings to explicit risk thresholds so teams do not auto-accept machine-generated remediation advice.
Threat narrative
Attacker objective: The objective is to exploit speed, trust, and context loss in AI-assisted delivery to introduce vulnerabilities or operational failure before humans can intervene.
- Entry occurs when AI assistants or coding agents are integrated into planning, code generation, review, or deployment workflows and gain broad context across repositories and pipelines.
- Escalation happens when those systems are trusted to coordinate tasks, recommend fixes, or automate rollout decisions faster than human review can keep up.
- Impact emerges when over-reliance on generated code, stale context, or agent-driven pipeline actions introduces hidden technical debt, compliance drift, or production risk.
Breaches seen in the wild
- Cisco DevHub NHI breach — IntelBroker exploited exposed Cisco credentials, API tokens and keys in DevHub.
- DeepSeek breach — DeepSeek breach exposed 1M+ log lines and sensitive secret keys.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
AI-native SDLC governance collapses the old assumption that development risk appears only after code is written. Backslash's framing is right to treat AI as a participant across planning, architecture, testing, security, and deployment, because the control surface has moved upstream. That means risk is now introduced in requirement synthesis, workflow orchestration, and machine-assisted review rather than only in the final artifact. Practitioner conclusion: govern the pipeline as an identity and decision system, not just as code output.
Agent orchestration is becoming an identity problem as much as an engineering problem. Once one agent routes work to another, preserves context, and escalates uncertainty, the relevant question is not just what the model can do but which actions it can initiate at runtime. That is where accountability, approval boundaries, and tool scope become governance objects. Practitioner conclusion: treat orchestrator permissions and handoff rules as first-class controls.
Shift-left security is no longer optional, but speed without validation simply moves failure earlier. AI can surface findings continuously, yet continuous detection does not equal continuous assurance if teams cannot confirm exploitability, business impact, and exception handling. The new failure mode is false confidence from machine-generated triage. Practitioner conclusion: align AI-assisted security with explicit risk acceptance paths, not just faster alerts.
Developer work is moving up the stack, which increases the value of policy, architecture, and judgment. As AI handles more repetitive implementation, human engineers spend more time on problem framing, validation, governance, and security oversight. That changes the skills profile that matters to IAM, AppSec, and platform leaders because the bottleneck is no longer typing speed. Practitioner conclusion: invest in review quality, decision traceability, and control design rather than only in code velocity.
Runtime governance gap: AI-assisted delivery exposes a control gap between pre-authorised workflows and independent runtime decisions. The article shows that modern development environments depend on continuous context, yet traditional AppSec still assumes slower, human-mediated checkpoints. Practitioner conclusion: map where the organisation still relies on review cycles that are too slow for the system now in use.
From our research:
- 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap, according to The State of Secrets in AppSec.
- Only 6 distinct secrets manager instances are used on average, which fragments control and weakens centralised governance across development environments.
- For lifecycle and offboarding controls that map well to AI-assisted delivery and service identities, see NHI Lifecycle Management Guide.
What this signals
Runtime governance gap: AI-assisted delivery is widening the space between what security policy says and what engineering systems actually do. As AI begins to participate in planning, code review, testing, and deployment, teams need controls that can follow decision-making as it moves across stages, not just after code lands.
The signal for practitioners is that AppSec maturity now depends on traceability, not simply on detection coverage. If the organisation cannot show who approved an AI-generated change, which exception was granted, and what context the model used, security oversight is already behind the operating model.
With 44% of developers following secrets management best practices in our State of Secrets in AppSec research, the behaviour gap is already visible. AI acceleration will amplify that gap unless governance keeps pace with how developers actually work.
For practitioners
- Define approval boundaries for AI-assisted delivery Separate tasks that AI may recommend from tasks it may execute. Require explicit human approval for architecture changes, security-critical logic, and production rollout decisions.
- Inventory agent handoffs and orchestration paths Document which agents can route work, preserve context, and trigger downstream actions. Focus on where one AI system can influence another without a human checkpoint.
- Tie AI findings to risk thresholds Classify vulnerabilities, compliance issues, and rollout pauses by severity and business impact. Do not allow machine-generated remediation to bypass normal exception handling.
- Strengthen review quality over review volume Use AI to reduce queue backlogs, but keep humans accountable for final approval, especially where code touches authentication, secrets handling, or deployment logic.
- Rebuild engineering governance around decision traceability Record why a model recommendation was accepted or rejected, who approved it, and which controls were invoked. That audit trail matters when AI is participating across the SDLC.
Key takeaways
- AI is no longer confined to code generation, it is shaping the full SDLC and changing where security controls must operate.
- The biggest risk is not speed alone, but the loss of human judgment, traceability, and approval discipline inside AI-assisted workflows.
- Practitioners should govern AI as a decision-making layer, with explicit boundaries, auditability, and human accountability for high-risk actions.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Agentic AI Top 10 address the attack and risk surface, while NIST AI RMF and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Agentic AI Top 10 | A1 | Agent orchestration and runtime decisions create classic agentic AI trust and tool-use exposure. |
| NIST AI RMF | The article centres on governance, accountability, and human oversight for AI in delivery. | |
| NIST CSF 2.0 | PR.AC-4 | Access and approval boundaries in delivery pipelines align with least-privilege control design. |
Limit AI and pipeline permissions to the minimum required and review elevated access on a fixed cadence.
Key terms
- Agent orchestration: Agent orchestration is the coordination layer that assigns work, preserves context, and sequences actions across multiple AI agents. In security terms, it becomes a governance problem because it can move decisions, tool use, and escalation paths outside the human review cadence that traditional controls assume.
- Shift-left security: Shift-left security moves vulnerability detection and policy enforcement earlier in the software development lifecycle, especially into the IDE, pull request, and CI pipeline. The aim is to catch problems when they are introduced, but the model still depends on clear ownership, validation, and exception handling.
- AI-native delivery: AI-native delivery is a development operating model where AI participates across planning, building, testing, security, and deployment rather than only in isolated coding tasks. This changes governance because the control surface spans decisions, handoffs, and runtime context, not just the final code artifact.
- Decision traceability: Decision traceability is the ability to reconstruct who approved an action, what context informed it, and why the final choice was made. In AI-assisted engineering, it matters because model recommendations can accelerate work while obscuring accountability unless the organisation records the human decision path.
What's in the full article
Backslash Security's full article covers the operational detail this post intentionally leaves for the source:
- Stage-by-stage examples of how AI changes planning, coding, testing, and deployment decisions.
- More detail on orchestration patterns and how the orchestrator agent coordinates specialised agents.
- Practical descriptions of how AI-assisted security feedback is embedded into IDEs, pull requests, and CI pipelines.
- The article's discussion of what the developer role looks like when coding shifts up the stack.
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on 2026-05-12.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org