Episode 8

Enterprise Secure Prompt Engineering

Prompt engineering is no longer just a developer experiment; it is becoming a critical enterprise skill. In this episode of AppSec.FM, Jerry Hoff talks with Jim Manico about the emerging practice of secure prompt engineering, how it affects AI-generated code, and what organizations can do to prepare. They cover the risks of third-party libraries, the evolving AISVS project, and how AI has the potential to transform application security if used correctly.

Highlights:

• Why secure prompt engineering is critical at the enterprise level.

• How AI-generated code introduces new security challenges.

• The role of prompt testing and continuous improvement.

• Minimizing third-party libraries to reduce vulnerabilities.

• How AISVS is evolving to address AI and secure coding.

• The future of secure coding in an AI-driven world.


Guest links:

https://www.linkedin.com/in/jmanico/

https://manicode.com

AppSec.FM is the podcast for application security professionals, hosted by Jerry Hoff. Subscribe on Apple Podcasts, Spotify, or at appsec.fm.

About your host

Jerry Hoff

For the past two decades, I’ve been on the front lines of application security, leading teams, teaching thousands of developers, and helping shape how organizations around the world defend their software. Along the way I’ve held leadership roles at Aspect Security, WhiteHat Security, Sony Electronics, and NTT, always with the same goal: making technology safer.

Today I run AppSec Training, a boutique company dedicated to transforming security education into something practical, engaging, and impactful.

And now, through AppSec.FM, I get to do what I love most: connect with the brightest minds in cybersecurity, uncover their stories, and explore how we can secure software in an era defined by AI, rapid innovation, and relentless new threats.