Explore critical security considerations for AI-generated code in this keynote presentation from All Things Open 2024. Delve into the challenges and risks associated with AI coding assistants like Duet AI, CodeWhisperer, and GitHub Copilot, while learning about community-driven solutions for secure code integration. Discover how outdated training data and potentially deprecated or malicious open source libraries can impact code security. Learn about implementing free and open source tools within the software development lifecycle to enhance security alongside AI coding assistants. Examine approaches for ensuring safe 'mergeability' of LLM-generated code based on successful open source community practices, with special attention to proof of origin solutions like sigstore that are becoming essential in AI-supported development environments.
Community-centric Approaches to Securing AI-generated Code
Overview
Syllabus
Keynote - Community-centric Approaches to Securing AI-generated Code - Craig McLuckie
Taught by
All Things Open
Related Courses
-
Managing Supply Chain Risk in a World of AI-Assisted Developers
-
Boost Your Coding Productivity - Embrace the AI Code Assistance with GitHub Copilot and Amazon CodeWh
-
What OSPOs Should Consider About GitHub Copilot and AI Code Assistants
-
Human vs AI: How to Ship Secure Code
-
Securing AI-Generated Code: Challenges and Solutions for the Future
-
Who Secures Our Code When an Army of Robots Is Writing It? - DevOps Security Challenges in AI-Driven Development
