Wednesday, 5 February 2025

From HAL to HALT: Thwarting Skynet's Siblings in the GenAI Coding Era

This talk explores the transformative impact of GenAI on software development and its subsequent implications for cybersecurity. With GenAI, developers are shifting from traditional code reuse to generating new code snippets by prompting GenAI, leading to a significant change in software development dynamics. This advancement introduces new AppSec challenges: LLMs trained on vulnerable OSS produce vulnerable generated code. The higher code velocity enabled by generated code turns into higher vulnerability velocity, with all the challenges velocity brings to security testing and remediation. The OSS training data set is also susceptible to data poisoning attacks. To make matters worse, developers, who should be the "person-in-the-middle", tend to trust GenAI-created code more than human-created code. This presentation will delve into real-world data from multiple academic studies, examining how GenAI is reshaping software security landscapes, the associated risks, and potential solutions to mitigate these emerging challenges.

By: Chris Wysopal | CTO & Co-Founder, Veracode

Full Abstract and Presentation Materials Available: https://ift.tt/VvekuX3

source https://www.youtube.com/watch?v=uv4AD6ICcfE
