.svg)
This series is brought to you by a joint partnership between Kodem Security, Pixee, Kodem and Latio Tech. Hosted by James Berthoty, AppSec AIwaves features insightful interviews with esteemed application security experts and thought leaders. Join us as we explore the latest trends, challenges, and innovations in the field, uncovering how AI is transforming the landscape of application security.
AI in Security Workflows
James Berthoty and Surag Patel, CEO of Pixee, discuss the role of AI in application security and the challenges of integrating AI into security solutions. Both emphasize the importance of understanding the problem before deciding to use AI and highlight the need for AI to be additive and specific in its application. The conversation also delves into the use of AI in baselining and the considerations for using AI in security workflows.
The Path to MLBOM
James Berthoty interviews Jacob Barkay, a product security architect at Edwards Life Sciences. They discuss the impact of large language models (LLMs) on product security, especially in regulated industries like healthcare. Jacob emphasizes the importance of ensuring the security of LLMs, transparency, and rigorous checks. He highlights the evolving nature of AI security standards and the need for data scientists to understand these risks.
Prompt Injections and Beyond
In this conversation, James Berthoty talks with Elad Shulman, CEO and co-founder of Lasso Security. Elad emphasizes the importance of understanding and mitigating risks associated with GenAI, such as data leaks, manipulation of models, prompt injections and unknown threats. They also touch on how different teams within organizations approach AI security and the evolving use cases for AI in enterprises.
Hacking with AI
Joseph Thacker, Principal AI Engineer at AppOmni, discusses how AI and LLMs can boost creativity in tasks like testing and bug bounties by offering a variety of solutions. To maximize AI's effectiveness, Joseph emphasizes the importance of providing it with extensive context, ensuring the AI tool has a clear understanding of what’s being evaluated. When applying AI to active web applications, he highlights the need for a decision-making core that can effectively process key elements such as the host, path, and other contextual information. This deeper understanding enables AI to make more accurate and informed assessments, enhancing its overall performance in cybersecurity tasks.
Meet Your Host James Berthorty
James Berthoty has over 10 years of experience in technology, spanning engineering and security roles. He is an early advocate for DevSecOps and is passionate about empowering security teams to contribute to product development. He founded Latio Tech with the goal of connecting people with the right products.
