Tag: secure by default
The Risk Profile of AI-Driven Development
Ilkka Turunen | | AI-generated code, AIBOM, autonomous development, autonomous security, challenge bottleneck, CI CD gating, cloud-native security, Dependency Management, GRC engineering, hallucinations, IDE controls, license compliance, machine speed enforcement, OpenSSF Gemara, Outdated Dependencies, policy based dependency selection, prompt level governance, review bottleneck, runtime transparency, SBoM, secure by default, shift left security, Software Supply Chain, threat modeling, transitive dependencies, trusted registries, typosquattingAnalysis arguing that AI-driven code generation accelerates dependency decisions and expands supply-chain risk, requiring shift-left governance, prompt-level controls, automated SBOM/AIBOM visibility, threat-modeling as engineering, and autonomous security to match autonomous development ...
Secure By Design, Secure by Default
Julian Browne | | adaptive security, continuous improvement, continuous security, cyber resilience, devops, devops best practices, devsecops, dynamic systems, embedded security, enterprise compliance, incident response, modern software delivery, production monitoring, real-time security, secure by default, secure coding, secure-by-design, security governance, security in production, security strategy, security theatre, shift left security, software security, static analysis, threat modeling“Shift left” alone won’t secure software. Real security must be embedded continuously across design, development, and production—not just moved earlier ...
