Episode sponsors:

Abhishek Arya is director of engineering at Google, overseeing open source and supply chain security efforts that include OSS-Fuzz, SLSA, GUAC and OSV DB.

In this episode, Arya talks about some early success experimenting with AI and LLMs on fuzzing and vulnerability management, the industry's over-pivoting on SBOMs, regulations and liability for software vendors, and the long road ahead for securing software supply chains.

Links:

• Abhishek Arya on LinkedIn
• OSS-Fuzz: Continuous fuzzing for open source software
• Google Brings AI Magic to Fuzz Testing
• AI-Powered Fuzzing: Breaking the Bug Hunting Barrier
• AI Cyber Challenge