AI Made Software Linked to Rising Security Risks

Here at Freethought Services, we have started to see a lot of new options for solving software problems. With the help of AI, people can roll out new software and solutions at a pace never seen before. AI-powered coding assistants like GitHub Copilot, Amazon CodeWhisperer, and Claude Code are making a huge change to how software is created.

But have you noticed a slight uptick in strange glitches or unexplained behaviour recently? You’re not alone. Recent analysis suggests a worrying trend: the very tools designed to boost efficiency might be unintentionally contributing to an increase in software defects and security vulnerabilities.

Why is this happening? There are a couple of key reasons. Firstly, these powerful AI models are trained on colossal datasets of public code – much of which contains inherent bugs, insecure patterns, or outdated practices. While the AI learns patterns, it doesn’t inherently understand correctness or security in the same way a seasoned developer does. It can merrily suggest code snippets that look plausible but hide subtle flaws or security gaps.

Secondly, there’s the human factor. The sheer convenience can lead to over-reliance. When suggestions flow so quickly, it’s easy to accept them without the rigorous scrutiny they deserve. Critical thinking and deep review can take a backseat, especially under tight deadlines. Some evidence even points to an increase in “code churn” – code that’s written but then quickly modified or removed – which often signals underlying quality issues potentially fueled by AI-generated suggestions that weren’t quite right in the first place.

So, what’s the solution? Banning new tools isn’t realistic or productive. These new tools solve problems and help businesses. A few simple steps help ensure that the software you adopt is secure and reliable:

  • Assess the supplier: Check their track record, support model, and whether they follow recognised security standards or independent audits.
  • Review data handling: Understand where data is stored, how it’s protected, and whether access controls and encryption meet your requirements.
  • Test before full rollout: Trial the software in a limited environment to check compatibility and identify risks.
  • Maintain it properly: Keep the software updated, apply patches promptly, and monitor vendor security advisories.

These steps help reduce risk while ensuring the software delivers value without compromising security. Of course, if you have Freethought in your corner, we can help determine the right fit from a technical point of view, all as part of the service.
