Asian Journal of Research in Computer Science

Aims:  This study examines the role of Artificial Intelligence (AI) in enhancing software security across the Software Development Lifecycle (SDLC). It seeks to highlight how AI-driven tools and techniques strengthen security practices, improve efficiency, and address evolving cyber threats.

Study Design:  The paper adopts a conceptual review approach, providing an overview of prominent AI methods such as machine learning (ML), deep learning (DL), and natural language processing (NLP). These are analyzed in relation to their applications in different phases of the SDLC.

Methodology: The review explores AI integration into five stages of the SDLC: requirements, design, implementation, testing, and deployment/maintenance. It evaluates applications such as predictive risk analysis, secure design recommendations, vulnerability scanning, automated code review, penetration testing, anomaly detection, and real-time security monitoring.

Results:  Findings show that AI improves predictive threat modelling in the requirements stage and assists with secure design and attack surface analysis during design. In implementation, AI-based tools such as SonarQube and Checkmarx enhance code quality and detect security flaws. In testing, AI enables automated penetration testing and test case generation. At deployment and maintenance, AI supports real-time monitoring and predictive maintenance. Overall, AI adoption in the SDLC enhances efficiency, reduces human error, and accelerates threat identification. However, challenges include integration complexity, false positives, and data privacy concerns.

Conclusion:  AI significantly strengthens security throughout the SDLC by providing adaptive, automated, and proactive defenses. While integration challenges remain, its benefits outweigh limitations, making AI-driven practices essential for robust and agile software security in the present and future.