The Boring AppSec Podcast S1E10 - Future Security Predictions
The tenth and the final episode of Season 1 of The Boring AppSec Podcast is live now.
"Culture eats strategy" is something I've heard from many leaders and I truly believe in it. More so, in the security industry because a lot of security problems are rooted in the security culture of an organization. Keeping aside the skeptic hat for AI use cases, I really think there is value to be had in treating LLMs the way they ought to be treated - augmenting humans as opposed to replacing us and setting the right tone with establishing a culture that could go a long way enabling developers and not necessarily blocking them.
When product security engineers perform security activities such as threat modeling and secure design reviews, the outcomes from these activities are generally dependent on the skills of that engineer and their experience (for the most part). This might not necessarily equate to what developers need to know in order to do their job and keep up with their velocity of shipping code.
Such outcomes/recommendations need to be well researched, practical and easy to follow with good real world examples which eventually is very helpful in building trust with the engineering peers. Solving this with AI could be a good means to an end. I find this very thought provoking and I am curious to hear your thoughts on this topic!
In the latest episode, we predict the following:
- AI agents - different kinds - activity based and/or persona based
- Security talent is going to get better, hiring will become important
- AI powered security engineers - jr engineers up leveling their skills easily
- AI code review assistants w/ GPT4-o
- Company consolidations happening in the security industry - D&R space
- ASPM predictions and how AI agents will help evolve this space
- CISA’s guidance on building more resilient infrastructure to be able to support the future technological needs
- Automated red teaming
- Hiring security engineers vs changes in interviewing
We hope you tune in and, if you like the episode, please do subscribe!