Secure Code Reviews, LLM Coding Assistants, and Trusting Code – Rey Bango, Karim Toubba, Gal Elbaz – ASW #330 – Go Health Pro

Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don’t really change based on who writes the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in …

Dinostroids: My Journey into Vibe Coding – Go Health Pro

Dinostroids, my first vibe-coded software project, is live. The last time I wrote any meaningful amount of production software was in 1990. At the time, I was running a software consulting company with my partner, Dave Jilk. We’d reached the point where, as we grew, he became responsible for all the software, and I handled …

‘Vibe coding’ using LLMs susceptible to most common security flaws – Go Health Pro

“Vibe coding,” a recent trend of using large language models (LLMs) to generate code from plain-language prompts, can yield code that is vulnerable to as many as nine of the top 10 weaknesses in the Common Weakness Enumeration (CWE), according to Backslash Security. Vibe coding, while only gaining popularity within the last few months, is …

GUEST ESSAY: The key role static code analyzers play in detecting coding errors, eliminating flaws – Go Health Pro

By Andrey Karpov In the modern world of software development, code quality is becoming a critical factor that determines a project’s success. Errors in code can have severe consequences. Related: The convergence of network, application security For example, vulnerabilities in banking applications can lead to financial data leaks, and errors in medical systems can threaten …

Black Hat Fireside Chat: Here’s how ‘Active ASPM’ helps to triage and remediate coding flaws – Go Health Pro

By Byron V. Acohido Application Security Posture Management (ASPM) arose a few years ago as a way to help software developers and security teams continually improve the security of enterprise applications. Related: Addressing rising cyber compliance pressures At Black Hat USA 2024, an iteration referred to as Active ASPM is in …