We’re discussing vibe coding again and how AI-generated code is reshaping software development. We discuss the trustworthiness and maintainability of AI-generated code, examining the challenges of reviewing and integrating automated changes at scale. The conversation spans from practical concerns about code quality to broader implications for open-source projects in an AI-augmented world. We talk about identifying telltale patterns in AI-generated code and why context and traceability are becoming essential for trusting automated systems.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

It’s security conference season and we’re discussing the importance of networking, the value of in-person connections, and sharing insightful tips for delivering effective presentations. From recapping our conference experiences, debating the significance of keynotes, to reminiscing about the impact of classic rock bands like Def Leppard. Listen now to hear about conference experiences, mentoring sessions, and the evolving industry landscape.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

We’re discussing the complexities of the Model Context Protocol (MCP) and its application in AI systems. Join us for an in-depth discussion about MCP, agent-to-agent communication, and potential security vulnerabilities. We wrap up with a thought-provoking conversation on the future of AI safety and the challenges it presents. 

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

Listen in as we debate the differences between threat intelligence and threat modeling. What distinguishes these two concepts in cybersecurity, and how do they inform each other? The conversation explores definitions, real-world examples, and the interconnected relationship between proactive threat modeling and reactive threat intelligence.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

Today we delve into the evolving landscape of cybersecurity hiring, debating the merits of prioritizing skills over degrees and experience. From discussing the value of critical thinking and hands-on skills to the potential role of AI in the workforce, the conversation navigates the complexities of hiring practices. We share personal anecdotes, insights from industry articles, and our experiences as hiring managers. Tune in for a humorous and thought-provoking discussion on what really matters when building a successful cybersecurity team.

CISOs Rethink Hiring to Emphasize Skills Over Degrees and Experience article

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

Vibe coding, or using AI to generate code by describing what you want. We critically examine the concerns surrounding AI-generated code, including code quality, security risks, and the potential for creating numerous low-quality applications. Our discussion explores whether AI can truly provide foolproof, production-ready code, or if it should be limited to idea generation and prototyping. Catch our candid take on the dangers of relying on AI for software development and the importance of maintaining human expertise in the coding process.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

We’re discussing the complexities of saying 'yes' or 'no' in the context of security decisions in today’s episode and the enduring challenge of integrating security into software development. The conversation swerves into the intriguing idea of a trade-like progression for developers, contrasting it with current knowledge work. The episode culminates in a hit parade of pop culture references, including Star Wars, Star Trek, Firefly, and more. Tune in for a thought-provoking and fun conversation!

Article Link:  How to Say 'No' Well

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

The Cyber Trust Mark, a new FCC program aimed at assuring the security of IoT devices is the topic of discussion today. We discuss various aspects of the Cyber Trust Mark, the history of similar initiatives like UL certification, and the challenges faced by consumers in determining the security of their devices. They also debate the merits and drawbacks of regulations like the EU's Cyber Resilience Act, the importance of secure-by-default design, and the limitations of relying solely on consumers or independent labs to ensure security. Throughout, they explore whether this new mark can genuinely make a difference or if it's just a rehash of old ideas.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

Hovercrafts and application security in the new year. We revisit last year's predictions on Quantum LLM, SBOMs, and whether DAST tools will make a comeback. With humor and forward-thinking, we explore what the future might hold for application security, the rise of new technologies, and even the outlandish idea of AppSec being dead. 

Episode mentioned:
AppSec Resolutions - January 9, 2024

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!

What makes a conference truly valuable? Is it the unexpected connections and serendipitous meetings of minds, or the chance to break free from the "security echo chamber" by exploring diverse conference experiences? We discuss the considerations that make conferences worth attending and examine whether they are compelling enough to warrant personal investment. Whether large or intimate, each conference provides a distinct journey of learning and interaction.

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @SecTablePodcast
➜LinkedIn: The Security Table Podcast
➜YouTube: The Security Table YouTube Channel

Thanks for Listening!