Episode 2

Harnessing AI in Software Development: Code, Security, and Automation

AI is reshaping the way we build and secure software. In this episode of AppSec.FM, Jerry Hoff talks with Arshan Dabirsiaghi about the practical realities of AI-generated code, the challenges it introduces, and the opportunities it creates for modern AppSec.

Highlights:

  • How AI-generated code improves developer productivity.
  • Why prompt engineering matters for secure AI use.
  • Risks of hallucinated package names in generated code.
  • Adapting modern CI/CD pipelines to AI-assisted development.
  • Automating vulnerability triage and remediation.
  • The continued role of DAST and static analysis.
  • How AI might accelerate cyberattacks.

Guest Links:

https://www.linkedin.com/in/arshan-dabirsiaghi/

https://pixee.ai

AppSec.FM is the podcast for application security professionals, hosted by Jerry Hoff. Subscribe on Apple Podcasts, Spotify, or at appsec.fm.

Next Episode All Episodes Previous Episode

About the Podcast

Show artwork for AppSec
AppSec

Listen for free

About your host

Profile picture for Jerry Hoff

Jerry Hoff

For the past two decades, I’ve been on the front lines of application security, leading teams, teaching thousands of developers, and helping shape how organizations around the world defend their software. Along the way I’ve held leadership roles at Aspect Security, WhiteHat Security, Sony Electronics, and NTT, always with the same goal: making technology safer.

Today I run AppSec Training, a boutique company dedicated to transforming security education into something practical, engaging, and impactful.

And now, through AppSec.FM, I get to do what I love most: connect with the brightest minds in cybersecurity, uncover their stories, and explore how we can secure software in an era defined by AI, rapid innovation, and relentless new threats.