Generative AI: Understanding the AppSec risks and how DAST can help

Discussion Topics

AI generators: Understanding the AppSec risks and how DAST can help

AI text- and code-generating tools like GitHub Copilot and ChatGPT can help developers write code faster and more efficiently, but carefree reliance on these tools could expose your organization to a range of risks. Superficially valid suggestions can result in vulnerable code that increases risk and requires additional remediation work down the line. Then there’s the potential for abuse if such tools are used with malicious intent.

This eBook will explore how DAST and other methods of application security testing and analysis can help mitigate the security risks, and spotlight other potential threats developers should watch for, including:

  • The importing of AI-suggested libraries that don’t exist (but can be spoofed by malicious actors)
  • Privacy concerns surrounding AI engine queries
  • Superficially correct code that introduces business logic vulnerabilities
  • Possible code licensing violations