The future of secure software is going through a mix of skills expected of humans and skills files created for LLMs. We might even posit that appsec as a discipline will fade (and that might not even be a bad thing!). Keith Hoodlet describes the skills he was looking for in building teams of security researchers and why there's still an emphasis on the ability to learn about and understand how sof...
This article showcases the increasing integration of AI and automation in appsec, as well as the challenges this presents for identity management and control. The discussion around agentic AI highlights the need for real-time enforcement before access is granted due to the growing identity risk associated with rapid AI adoption. The focus on AI bias bounty hunting indicates a growing recognition of the importance of addressing biases in AI systems. However, it's important to question the long-te...