Pixee – Who Secures Our Code When an Army of Robots Are Writing It?
In today’s episode of Tech Talks Daily, we delve into a crucial and timely topic at the intersection of AI and cybersecurity. Our guest is Arshan Dabirsiaghi, a renowned security researcher turned entrepreneur, whose unique journey from the helm of a successful software security unicorn to the founder of Pixee is as fascinating as it is inspiring.
Arshan’s story is not just about technological innovation; it’s also a testament to the resilience and dreams of immigrants, as his father’s immigration story vividly illustrates.
The core of our discussion revolves around a burgeoning issue in the tech world: the increasing reliance on Large Language Models (LLMs) like GitHub’s Copilot in software development. With an estimated 46% of code on GitHub now generated by LLMs, we’re witnessing a seismic shift in how software is created.
However, this shift brings with it a host of security challenges. Historically, developers have not been primarily focused on security, a gap that has led to numerous vulnerabilities and high-profile hacks. The integration of LLMs into the coding process is exacerbating this issue, creating a vast expanse of code that needs to be secured, far outpacing our current capabilities.
Arshan discusses his latest venture, Pixee, and its flagship product, pixeebot. Pixeebot is not just another security tool; it represents a revolutionary step forward in the fight against software vulnerabilities. This free GitHub App acts like a virtual security engineer, not only identifying but also fixing code vulnerabilities. More than a mere band-aid solution, Pixeebot offers an educational component that could be vital for training both new programmers and, potentially, LLMs themselves.
This episode is not just about Pixee or pixeebot, though. It’s a broader conversation about the urgent need for solutions in a world where the ratio of code developed to code secured is becoming astronomically unmanageable. We explore the landscape of software development, the primary security concerns in this AI-augmented era, and the critical role of “virtual security engineers.”
We explore how AI and automation can scale secure code efforts across the software development lifecycle, from planning and threat modeling to code creation and production monitoring.
As we navigate these discussions, we also touch on the broader implications for the industry and steps that companies and developers should take to adapt to this rapidly evolving landscape.
Join us on this enlightening journey as we unravel the complexities and explore the innovative solutions at the forefront of AI and cybersecurity with Arshan Dabirsiaghi.