Chris Wysopal

The transformative impact of GenAI for software development and its implications for cybersecurity

Up to 41% of AI-generated code contains security flaws. It's time to use AI to fix the problems that AI creates.

The transformative impact of GenAI for software development and its implications for cybersecurity
#1about 6 minutes

From vulnerability researcher to automated security founder

The speaker traces their journey from a hacker testifying before the US Senate to founding Veracode to automate application security testing.

#2about 2 minutes

Analyzing vulnerability introduction and security debt

Data shows that new vulnerabilities increase as software ages and most teams accumulate security debt by not fixing flaws within a year.

#3about 4 minutes

How generative AI is changing software development

Generative AI boosts productivity through code generation and other tasks, but its reliance on vulnerable open-source code for training data introduces significant risk.

#4about 5 minutes

Research shows GenAI tools frequently generate insecure code

Multiple academic studies reveal that 30-40% of AI-generated code contains vulnerabilities, and developers are often overconfident in its security.

#5about 1 minute

Generative AI accelerates the creation of vulnerable code

By increasing code velocity without improving security quality, generative AI leads to a higher rate of new vulnerabilities being introduced into codebases.

#6about 4 minutes

Using AI to automatically find and fix security flaws

The solution to AI-generated vulnerabilities is to use specialized AI models, trained on curated good and bad code, to automate security fixes.

#7about 2 minutes

Evaluating the risks of AI-powered security tools

When adopting AI tools for security, it is crucial to consider the trustworthiness of training data, licensing issues, IP leakage, and fix accuracy.

#8about 1 minute

Prompting for security and embracing automation

Developers should explicitly ask generative AI for secure code and integrate automated security testing and fixing tools to keep pace with development.

Related jobs
Jobs that call for the skills explored in this talk.

Featured Partners

Related Videos

See all videos
GenAI Security: Navigating the Unseen Iceberg24:33

GenAI Security: Navigating the Unseen Iceberg

Maish Saidel-Keesing

WWC24 - Chris Wysopal, Helmut Reisinger and Johannes Steger - Fighting Digital Threats in the Age of AI24:14

WWC24 - Chris Wysopal, Helmut Reisinger and Johannes Steger - Fighting Digital Threats in the Age of AI

Chris Wysopal, Helmut Reisinger & Johannes Steger

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Livecoding with AI31:39

Livecoding with AI

Rainer Stropek

Panel: How AI is changing the world of work41:06

Panel: How AI is changing the world of work

Pascal Reddig, TJ Griffiths, Fabian Schmidt, Oliver Winzenried & Matthias Niehoff & Mirko Ross

AI: Superhero or Supervillain? How and Why with Scott Hanselman25:17

AI: Superhero or Supervillain? How and Why with Scott Hanselman

Scott Hanselman

From Monolith Tinkering to Modern Software Development41:06

From Monolith Tinkering to Modern Software Development

Lars Gentsch

The Future of Developer Experience with GenAI: Driving Engineering Excellence28:38

The Future of Developer Experience with GenAI: Driving Engineering Excellence

Daniel Tao, Kathrin Schwan, Faris Haddad & Florian Schaudel

From learning to earning

Jobs that call for the skills explored in this talk.

AI Engineer Security

Paradigma Digital
Municipality of Madrid, Spain

API
Azure
Python
FastAPI
Computer Vision
+3