Mark Lubbat’s Post

Highly recommend this paper on AI-powered patching: the future of automated vulnerability fixes, especially for anyone looking at the intersection of AI, specifically LLMs, and GAIs in cybersecurity. https://lnkd.in/drQwQtXT

We've been hearing about "shift-left" in Cybersecurity for the better part of a decade... some organizations have done this better than others, but it's clear that adversaries are also paying attention and shifting attacks "left". This is a great recent example of why you should care about "shifting security left": https://lnkd.in/e3fWbeHj

The introduction of code scanning autofix by GitHub in November 2023 represents a significant advancement in the realm of cybersecurity, leveraging AI to address security vulnerabilities in users' codebases. Autofix operates by employing sophisticated algorithms to analyze code for potential security flaws and automatically suggesting fixes to remediate these issues. This process not only enhances the efficiency of addressing vulnerabilities but also minimizes the burden on developers, allowing them to focus on other critical aspects of their projects. https://lnkd.in/gnrRdmvU

The rapid integration of generative AI powered by large language models (LLMs) into various applications has brought forth a new wave of security challenges. The Open Worldwide Application Security Project (OWASP) Top 10 for LLM Applications study provides a crucial framework for understanding these newfound vulnerabilities. This Blog tells you how MuleSoft comes into play.

Tech giants are struggling to manage software supply chain risks, according to a report by JFrog, which highlights the growing number of vulnerabilities and the need for better security measures. https://lnkd.in/gu7StGEy #SoftwareSupplyChain #Cybersecurity #TechIndustry 🤖💻🔒

It will be very interesting to see the potential of #LLMs accelerate #software #development by automating bug fixing, addressing some of the scalability challenges, prioritization of more complex issues, and hopefully (fingers crossed) improving software quality, application #security, and safeguarding #data #privacy and confidentiality. #informationsecurity #cybersecurity #strategy #innovation #digitaltransformation #artificialintelligence #riskmanagement

Venture Beat captures the highlights of our Software Supply Chain State of the Union report. Read about the #DevSecOps data trends that will affect your #enterprise.

Palo Alto Networks Unit 42 security research teams have identified two vulnerabilities in #LangChain. These could have allowed attackers to execute arbitrary code and access sensitive data, respectively. LangChain has since issued patches to resolve these vulnerabilities. This article provides a comprehensive technical examination of these security issues and offers guidance on mitigating similar #genai #threats in the future. https://lnkd.in/gNtETdck

Acceleration Economy practitioner analyst Chris H. explores the AI Generated Code Security Report from Snyk, which exposes a false sense of #security with AI-generated code. Over 75% of #developers surveyed believe #AI code is more secure than human code, but 56% admit to encountering security issues. The peril deepens as 80% bypass security policies, neglecting scanning activities. #cybersecurity Tune in: https://lnkd.in/ef_gFWb6

Palo Alto Networks #unit42 CDSS #securityresearch team have identified two vulnerabilities in #LangChain. These two #cve could have allowed attackers to execute arbitrary code and access sensitive data, respectively. LangChain has since issued patches to resolve these vulnerabilities. This article provides a comprehensive technical examination of these security issues and offers guidance on mitigating similar #genai #threats in the future. https://lnkd.in/gc7dP88v