There are no black cats, broken mirrors or sudden storms to announce the news. Still, AI-generated code has become a double-edged sword, offering unparalleled productivity while quietly introducing vulnerabilities and weaknesses. Whether through poisoned models maliciously crafted to inject flaws or through poor-quality training data, your trusted AI companion could be a Trojan horse.
This talk unveils the dark side of AI in software development, exposing how attackers exploit AI to compromise open-source projects and infiltrate the software supply chain.
Learn how bad actors leverage sophisticated techniques to embed security flaws in libraries you trust, and discover how untested, AI-generated solutions can open doors to catastrophic exploits.
With real-world examples, we'll dissect how these attacks happen and offer strategies to safeguard your projects.
In the battle for secure software, your tools could be your greatest weakness or your first line of defence. Prepare to confront the chilling truth about AI and your code.
Steve Poole
Independent
Experienced JVM and Java Developer, Developer Advocate, DevOps Leader, and Security Champion with expertise in software supply chain security, AI, public speaking, education, and writing. An open-source contributor (Apache, Eclipse, OpenJDK) and developer relations expert. Regular presenter at international conferences on technical topics. Formerly with IBM and Red Hat, with extensive experience from operating systems to JVMs to AI. Sci-fi lover, robot builder, and occasional mad scientist. Working with Java since its early days.
Olimpiu Pop
Remote Tech Ltd
Olimpiu is a technology executive who balances his tech savviness with a focus on people and their well-being. A constant explorer of new technology trends, he enjoys digesting and spreading knowledge through podcasts or written articles. He strongly believes in the power of communities and open source, getting involved in technical community building and curating content for conferences as a program committee member.
You can follow him on LinkedIn and @olimpiupop for ramblings on technology, cybersecurity and classical music.
You can find content curated or written by him on JavaAdvent and InfoQ. For the daily dose of cybersecurity and open source, see 505updates.com.