From d029c147ac43399149e43ab24d4a5d1e24451f60 Mon Sep 17 00:00:00 2001 From: Alone2671 <62079805+Alone2671@users.noreply.github.com> Date: Sun, 3 Nov 2024 15:22:04 +0300 Subject: [PATCH] Create AI-and-AppSec-are-we-finally-on-the-verge-of-the-big-breakthrough.md --- ...ly-on-the-verge-of-the-big-breakthrough.md | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 content/sessions/2024/mini-summits/Dec/AI-and-AppSec-are-we-finally-on-the-verge-of-the-big-breakthrough.md diff --git a/content/sessions/2024/mini-summits/Dec/AI-and-AppSec-are-we-finally-on-the-verge-of-the-big-breakthrough.md b/content/sessions/2024/mini-summits/Dec/AI-and-AppSec-are-we-finally-on-the-verge-of-the-big-breakthrough.md new file mode 100644 index 00000000000..e2bd1fe4fda --- /dev/null +++ b/content/sessions/2024/mini-summits/Dec/AI-and-AppSec-are-we-finally-on-the-verge-of-the-big-breakthrough.md @@ -0,0 +1,39 @@ +--- +title : "AI and AppSec: are we finally on the verge of the big breakthrough?" +track : DevSecOps +project : DevSecOps +type : working-session +topics : +featured : +event : mini-summit +when_year : 2024 +when_month : Dec +when_day : Wed +when_time : WS-19-18 +hey_summit : +session_slack: +#status : draft +description : +banner : +organizers : + - Petra Vukmirovic + +youtube_link : +zoom_link : +--- + +## About this session + +AI and AppSec: are we finally on the verge of the big breakthrough? + +In cybersecurity, AI has made significant advances, especially in threat detection, risk quantification and remediation automation. +However, perhaps in Application Security (AppSec), it hasn't fully reached its potential—yet. This talk will explore why the next big breakthrough in AI is deemed to potentially revolutionise threat modelling and security reviews, an area traditionally plagued by manual processes, high complexity, and slow adoption in fast-moving development environments. +We are at the tipping point where AI can understand code deeply enough to automate threat modelling, shifting threat modelling left and removing bottlenecks in the security review process. By using AI to derive data flows, identify threats and controls and continuously update threat models, we can potentially integrate security into the development lifecycle more effectively. +Join this session to discuss and discover how AI could potentially take threat modelling as code (and from code!) to the next level. +Key discussion points: + +Current AI applications in AppSec +How AI could revolutionise threat modelling and the potential key players in this field +Limitations and adoption challenges + +