Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie

Appsec News & Interviews from RSAC on Identity and AI - Rami Saas, Charlotte Wylie - ASW #331
这篇文章讨论了Coinbase面临的贿赂和内部威胁问题，NCSC指出激励安全设计的重要性，并介绍了新的网络安全技能框架。同时探讨了身份管理的复杂性以及如何通过全面解决方案保障安全性。文章还分享了Okta和Mend.io在RSAC大会上的赞助内容。 2025-5-20 09:0:0 Author: sites.libsyn.com(查看原文) 阅读量:7 收藏

May 20, 2025

In the news, Coinbase deals with bribes and insider threat, the NCSC notes the cross-cutting problem of incentivizing secure design, we cover some research that notes the multitude of definitions for secure design, and discuss the new Cybersecurity Skills Framework from the OpenSSF and Linux Foundation. Then we share two more sponsored interviews from this year's RSAC Conference.

With more types of identities, machines, and agents trying to access increasingly critical data and resources, across larger numbers of devices, organizations will be faced with managing this added complexity and identity sprawl. Now more than ever, organizations need to make sure security is not an afterthought, implementing comprehensive solutions for securing, managing, and governing both non-human and human identities across ecosystems at scale.

This segment is sponsored by Okta. Visit https://securityweekly.com/oktarsac to learn more about them!

At Mend.io, we believe that securing AI-powered applications requires more than just scanning for vulnerabilities in AI-generated code—it demands a comprehensive, enterprise-level strategy. While many AppSec vendors offer limited, point-in-time solutions focused solely on AI code, Mend.io takes a broader and more integrated approach.

Our platform is designed to secure not just the code, but the full spectrum of AI components embedded within modern applications. By leveraging existing risk management strategies, processes, and tools, we uncover the unique risks that AI introduces—without forcing organizations to reinvent their workflows. Mend.io’s solution ensures that AI security is embedded into the software development lifecycle, enabling teams to assess and mitigate risks proactively and at scale.

Unlike isolated AI security startups, Mend.io delivers a single, unified platform that secures an organization’s entire codebase—including its AI-driven elements. This approach maximizes efficiency, minimizes disruption, and empowers enterprises to embrace AI innovation with confidence and control.

This segment is sponsored by Mend.io. Visit https://securityweekly.com/mendrsac to book a live demo!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-331

文章来源: http://sites.libsyn.com/18678/appsec-news-interviews-from-rsac-on-identity-and-ai-rami-saas-charlotte-wylie-asw-331
如有侵权请联系:admin#unsafe.sh