Veracode’s Chris Wysopal on the security issues with AI code development

On this episode of Safe Mode, we’re joined by a renowned cybersecurity expert and CyberScoop 50 winner, Veracode co-founder and Chief Security Evangelist Chris Wysopal, to discuss the fast-evolving landscape of AI-assisted software development. Chris shares insights from a recent study examining over 100 large language models and their tendency to introduce security vulnerabilities in generated code. The conversation delves into why a staggering 45% of AI-generated code samples contained vulnerabilities and why improvements in AI reasoning haven’t translated to more secure outputs. Chris emphasizes the critical need for enhanced security testing and better quality training data, discussing both the challenges and opportunities ahead as AI adoption accelerates. Tune in for a thoughtful exploration of the intersection between AI, secure coding, and what the future holds for developers and enterprises alike.

In our reporter chat, Greg talks with Derek Johnson about work that OpenAI and Anthropic have done with the U.S. and U.K. government to secure their models.