Enterprise cybersecurity is a game of constant learning, fixing, and improving – there is no final level. Artificial intelligence has added a new layer to the cybersecurity puzzle as attackers rely on it to implement new tactics at scale.
How is AI changing the game from a developer and security team perspective?
“I think 95% of developers use generation AI, whether it’s Copilot or Gemini or any other generative AI solution available,” said Peter McKay (photo, left), CEO of Snyk Ltd. “I think developers are using it more than ever. When you think about how our company has evolved over the years, it’s this incredible developer productivity. They are now even more productive thanks to the use of generative AI tools. We’re just making sure the security teams can keep up.
McKay and Danny Allan (right), CTO of Snyk, spoke with the head of CUBE Research Dave Vellant At RSA Conference, in an exclusive broadcast on theCUBE, SiliconANGLE Media’s live streaming studio. They discussed the intersection of AI and cybersecurity, exploring how this shapes the future of digital asset protection. (*Disclosure below.)
The evolution of cybersecurity threats and the role of AI
The reality of today’s cyberspace is that, despite significant investments in cybersecurity, cyber adversaries continue to advance. As companies invest in cutting-edge solutions and upskill their security teams, attackers are refining their approaches, using AI as a powerful tool. To stay competitive, companies must implement security defenses earlier in the software development lifecycle, according to McKay.
“I think the reality is that the only way to truly solve application security is to move it to the left or move it earlier in the software development lifecycle,” he said. “You don’t want developers to slow down, and you don’t expect developers to be security experts. You need to build security in behind the scenes, allowing developers to continue developing quickly. The risks have never been greater to do this.
AI and machine learning techniques are now being used to address security challenges in unprecedented ways. Using AI, developers can improve productivity while ensuring security, but the challenge is keeping security teams up to date with the rapid pace of development, Allan added. The acquisition of DeepCode by Snyk is part of this philosophy of empower developers exactly how they code.
“DeepCode is probably one of the most important (acquisitions),” Allan said. “DeepCode was interesting because it got them very meaningfully involved in security testing of static SaaS applications. If you look at how they do static application security testing, they use symbolic regression testing to find vulnerabilities in the code – and we continue to iterate on this.
While identifying vulnerabilities is crucial, the real value lies in effectively resolving these issues. Snyk’s goal is to provide actionable insights and automated remediation, ensuring developers can resolve security issues without slowing down development, Allan added.
“You’ve identified the problem and you know it, but what are you actually doing about it? ” He asked. “At Snyk, our goal is to understand the application, to know where all the problems are, but we want to bring you back to actually solving the problem. Because knowledge is good, but even better is solving the problem.
Here’s the full video interview, part of SiliconANGLE and theCUBE Research’s coverage on the RSA Conference:
(*Disclosure: Snyk Ltd. sponsored this segment of theCUBE. Neither Snyk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
Your vote of support is important to us and helps us keep content FREE.
A click below supports our mission of providing free, in-depth and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Andy Jassy, CEO of Amazon.com, Michael Dell, Founder and CEO of Dell Technologies, Pat Gelsinger, CEO of Intel, and many more luminaries and experts.
THANK YOU