AI on the Radar: Securing AI Driven Development

Join Vandana and Rob in this insightful webinar exploring the rapidly evolving landscape of AI security. As we shift from simple query-response models to complex autonomous agents that can plan, execute code, and access sensitive APIs, the traditional security "locks" are no longer sufficient. This session dives deep into the OWASP AI Exchange, a community-driven initiative providing practical guidance and technical controls for securing AI systems. Learn why "moving fast" without security can lead to a "house of dynamite" and discover the essential mental models needed to protect the next generation of AI-driven applications.

Use Snyk for free to find and fix security issues in your applications today! https://snyk.co/ugLYn

✍️ Resources ✍️

• https://owaspai.org/
• https://www.opencre.org/

⏲️ Chapters ⏲️

00:00 Introduction: Moving beyond basic models to AI agents.

00:58 The shift from securing applications to securing decision-making systems.

01:54 Why traditional input/output security patterns are failing AI.

03:12 Meet Rob: 34 years in AI and the birth of the OWASP AI Exchange.

05:40 The "Wrong Assumption": Why speed is not the quickest way to the finish line.

06:44 The danger of letting LLMs handle authorization and code execution.

09:04 The risk of tool abuse: Agents with access to the physical and digital world.

11:22 Practical Security Patterns: Personal, Organizational, and Technical levels.

12:54 Deep dive into Blast Radius Control and Bounded Autonomy.

14:27 The "FOUNDATION" Mission: Explaining the OWASP AI Exchange framework.

18:11 Education vs. "Security Theater": Why a human-in-the-loop isn't a silver bullet.

20:28 The optimism of community: Aligning with ISO, the AI Act, and SANS Institute.

26:00 Conflict of interest in AI vendors and treating agents as "people."

31:19 Is AppSec dead? The future of security engineering in an AI world.

⚒️ About Snyk ⚒️

Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

Learn more about Snyk: https://snyk.co/ugLYl

📱 Connect with Us 📱

🖥️ Website: https://snyk.co/ugLYl
🐦 X: http://twitter.com/snyksec
💼 LinkedIn: https://www.linkedin.com/company/snyk
💬 Discord: https://discord.gg/devsecops-community-918181751526948884

• ️ Subscribe: https://www.youtube.com/c/SnykSec
• 🔥 We're hiring! Check our open roles: https://snyk.co/ugLYp

🔗 Hashtags 🔗
#DevSecOps #owasp #appsec #cybersecurity