Embedding security in every stage of software development &#8212; including pipelines that leverage AI code generation. This session outlined how security leaders can design, govern and validate secure-by-design development in the age of AI.&nbsp;Key Topics<ul><li>Mapping NIST SP 800-218 (SSDF) to AI-enabled DevSecOps workflows</li><li>Integrating static (SAST), dynamic (DAST) and composition (SCA) testing to validate both human- and AI-authored code</li><li>Detecting AI-introduced patterns (e.g., insecure libraries, unvalidated inputs, exposed keys)</li><li>Governance for AI code tools &#8212; ensuring provenance, data protection and human review checkpoints</li><li>Leveraging automation and ML to improve precision and reduce false positives</li></ul>

Embedding security in every stage of software development — including pipelines that leverage AI code generation. This session outlined how security leaders can design, govern and validate secure-by-design development in the age of AI. Key Topics Mapping NIST SP 800-218 (SSDF) to AI-enabled DevSecOps workflows Integrating static (SAST), dynamic (DAST) and composition (SCA) testing to validate both human- and AI-authored code Detecting AI-introduced patterns (e.g., insecure libraries, unvalidated inputs, exposed keys) Governance for AI code tools — ensuring provenance, data protection and human review checkpoints Leveraging automation and ML to improve precision and reduce false positives

On-Demand

Webinar / Webcast

Artificial Intelligence

DevOps/DevSecOps

Security

State and Local Government

agency

Federal Government

Carahsoft Technology Corp.

Veracode Government Team at Carahsoft

Cody Bertram, Field CTO, Channel Partnerships &amp; Strategic Alliances, Veracode

Building Secure Software - By Design & By AI

Speaker Details