AI Is Already Inside Your SDLC. Now What?

𝐀𝐈 𝐢𝐬 𝐧𝐨 𝐥𝐨𝐧𝐠𝐞𝐫 𝐚𝐩𝐩𝐫𝐨𝐚𝐜𝐡𝐢𝐧𝐠 𝐭𝐡𝐞 𝐒𝐃𝐋𝐂. 𝐈𝐭 𝐢𝐬 𝐚𝐥𝐫𝐞𝐚𝐝𝐲 𝐞𝐦𝐛𝐞𝐝𝐝𝐞𝐝 𝐢𝐧𝐬𝐢𝐝𝐞 𝐢𝐭. In this SafeDev Talk episode, security leaders and OWASP experts come together to examine how AI is fundamentally reshaping modern software development and why traditional AppSec governance models are struggling to keep up. The conversation explores how copilots, AI-generated code, autonomous agents, MCP-connected tooling, and machine-driven workflows are expanding the attack surface across the SDLC in ways most organizations still cannot fully see. Featuring 𝐀𝐬𝐡𝐰𝐢𝐧𝐢 𝐒𝐢𝐝𝐝𝐡𝐢 (OWASP Global Board of Directors,   / ashwini-siddhi  , 𝐒𝐚𝐦 𝐒𝐭𝐞𝐩𝐚𝐧𝐲𝐚𝐧 (OWASP London Chapter Leader,   / samstepanyan  , 𝐉𝐞𝐬𝐮𝐬 𝐂𝐮𝐚𝐝𝐫𝐚𝐝𝐨 (CEO at Xygeni,   / jesus-cuadrado  , and 𝐋𝐮𝐢𝐬 𝐑𝐨𝐝𝐫𝐢́𝐠𝐮𝐞𝐳 𝐁𝐞𝐫𝐳𝐨𝐬𝐚 (Chief Security Research Officer at Xygeni,   / luis-rodr%c3%adguez-xygeni  , this session brings together perspectives from AppSec leaders operating at the intersection of AI, software supply chain security, DevSecOps, and modern development governance. The panel breaks down how AI is changing the AppSec threat model itself. The discussion goes beyond productivity tooling to focus on operational risk: why CISOs are losing visibility across development environments, how Shadow AI is expanding inside engineering teams, why AI-generated dependencies create entirely new software supply chain risks, and how increasingly autonomous agentic workflows challenge traditional trust boundaries across the SDLC. Rather than treating AI adoption as a future concern, this episode explores the practical reality organizations already face today: maintaining visibility, attribution, governance, and continuous verification across AI-assisted software development environments operating at machine speed. ⭐ 𝐊𝐞𝐲 𝐓𝐚𝐤𝐞𝐚𝐰𝐚𝐲𝐬 𝐟𝐨𝐫 𝐒𝐚𝐟𝐞𝐃𝐞𝐯 𝐓𝐚𝐥𝐤 𝐀𝐈 𝐈𝐬 𝐀𝐥𝐫𝐞𝐚𝐝𝐲 𝐈𝐧𝐬𝐢𝐝𝐞 𝐘𝐨𝐮𝐫 𝐒𝐃𝐋𝐂 • Why AI-driven SDLCs fundamentally change traditional AppSec assumptions • How Shadow AI is creating visibility and governance challenges across engineering teams • Why AI-generated code and dependencies introduce new software supply chain risks • How agentic workflows expand the attack surface beyond traditional CI/CD models • Practical approaches to securing AI-assisted development without slowing developers down This episode is highly relevant for professionals working in Application Security, DevSecOps, Software Supply Chain Security, AI Governance, Platform Security, and engineering teams adopting AI-driven development workflows. Takeaway: 𝐀𝐈-𝐝𝐫𝐢𝐯𝐞𝐧 𝐒𝐃𝐋𝐂𝐬 𝐫𝐞𝐪𝐮𝐢𝐫𝐞 𝐚 𝐧𝐞𝐰 𝐦𝐨𝐝𝐞𝐥 𝐨𝐟 𝐯𝐢𝐬𝐢𝐛𝐢𝐥𝐢𝐭𝐲, 𝐠𝐨𝐯𝐞𝐫𝐧𝐚𝐧𝐜𝐞, 𝐚𝐧𝐝 𝐙𝐞𝐫𝐨 𝐓𝐫𝐮𝐬𝐭 𝐀𝐩𝐩𝐒𝐞𝐜. Subscribe to SafeDev Talks and follow Xygeni for more expert conversations on AI-aware AppSec, DevSecOps, and securing modern software development from code to runtime. #SafeDevTalks #AppSec #DevSecOps #AISecurity #CyberSecurity #SoftwareSupplyChain #AI #OWASP #AgenticAI #SecureCoding #SDLC #Xygeni