Petra VukmirovicAbout this session
AI and AppSec: are we finally on the verge of the big breakthrough?
In cybersecurity, AI has made significant advances, especially in threat detection, risk quantification and remediation automation. However, perhaps in Application Security (AppSec), it hasn’t fully reached its potential—yet. This talk will explore why the next big breakthrough in AI is deemed to potentially revolutionise threat modelling and security reviews, an area traditionally plagued by manual processes, high complexity, and slow adoption in fast-moving development environments. We are at the tipping point where AI can understand code deeply enough to automate threat modelling, shifting threat modelling left and removing bottlenecks in the security review process. By using AI to derive data flows, identify threats and controls and continuously update threat models, we can potentially integrate security into the development lifecycle more effectively. Join this session to discuss and discover how AI could potentially take threat modelling as code (and from code!) to the next level. Key discussion points:
Current AI applications in AppSec How AI could revolutionise threat modelling and the potential key players in this field Limitations and adoption challenges