Cyber Sessions with Sohail Iqbal, CISO at Veracode | CSO Cybersecurity Conference & Awards
As AI accelerates software development at machine speed, security teams are struggling to keep up with remediation. In this insightful interview, Veracode CISO Sohail Iqbal breaks down the security realities of AI-assisted coding and shares how organizations can close the growing gap between code velocity and secure deployment.
🔑 Key Insights:
- 60–65% of code in production is now AI-generated or assisted
- AI-generated code has similar vulnerability density to human-written code
- Organizations are seeing ~20% year-over-year growth in security backlogs
- Detection is improving — but remediation at scale remains the biggest challenge
Iqbal discusses Anthropic’s recent research on automated vulnerability detection and explains how Veracode is leveraging purpose-built LLMs to fix vulnerabilities at the speed of AI code generation. He also introduces Veracode’s comprehensive approach: AI-powered static analysis, Package Firewall for open source risks, and intelligent remediation capabilities.
Finally, Iqbal presents his “A, B, C, D” framework for modern CISOs — helping security leaders move from vulnerability noise to genuine enterprise risk management by correlating signals across:
- Application stack
- Business compliance obligations
- Compute environment
- Data security posture
If you're a CISO, security leader, or developer working in an AI-first world, this session is essential viewing.
👉 Learn more about Veracode’s AI-powered Application Security Platform: https://www.veracode.com
🕒 Timestamps
00:00 - Introduction
01:15 - The scale of AI-generated code in production
03:40 - Vulnerability trends and security backlogs
06:25 - Anthropic research & the shift from detection to remediation
09:10 - Veracode’s AI-powered security solutions
12:45 - The A, B, C, D Framework for enterprise risk management
16:30 - Advice for CISOs in the age of AI development
#Cybersecurity #AISecurity #CISO #ApplicationSecurity #DevSecOps #Veracode