The code is being written faster than anyone can secure it. In this episode, we sit down with Jack Cable, Founder of Corridor, former Senior Technical Advisor at CISA, and one of the architects behind the federal Secure by Design movement, to unpack what happens to application security when AI agents start writing the majority of enterprise code.

Jack takes us from his time shaping national cybersecurity policy to the front lines of a new category he's helping define: Agentic Security Coding Management. We dig into why a decade of "shift left" hasn't solved the vulnerability backlog, why coding agents are about to make it worse, and whether AI is the disease, the cure, or both.

We also get into the messy middle of the market: frontier labs muscling into AppSec, a wave of vendors confusing buyers, and the question every CISO is quietly wrestling with: how do you actually govern AI-generated code at enterprise scale?

LINKS & RESOURCES

Corridor: https://www.corridor.dev
Corridor Blog: https://www.corridor.dev/blog/
Latio AI Code Security Report: https://pulse.latio.tech/p/ai-code-security-enterprise-governance
CISA Secure by Design: https://www.cisa.gov/securebydesign

0:00 - Intro
0:00 - From CISA to founding Corridor
0:00 - What is Agentic Security Coding Management?
0:00 - Why shift-left was never enough
0:00 - AI as both the disease and the cure
0:00 - Frontier labs entering the AppSec market
0:00 - Buyer confusion and what CISOs should be asking
0:00 - Governing AI-generated code at enterprise scale
0:00 - The regulatory horizon for AI-written software
0:00 - Closing thoughts

ABOUT THE GUEST

Jack Cable is the Founder of Corridor and a former Senior Technical Advisor at CISA, where he helped lead the Secure by Design initiative. He's been at the forefront of vulnerability disclosure, election security, and now the emerging challenge of securing AI-generated code at scale.

WHAT WE COVER

- Why the explosion of AI coding agents changes the AppSec calculus
- What real governance of AI-generated code looks like in practice
- How frontier labs (Anthropic, OpenAI, Google) are reshaping the security tooling landscape
- Whether shift-left finally works, or finally breaks, in the age of agents
- Policy, liability, and the regulatory future of AI-written software supply chains

Subscribe and hit the bell so you don't miss future episodes.
Drop your take in the comments: should AI-generated code carry provenance and liability requirements?

#AppSec #AICodeSecurity #AgenticAI #CyberSecurity #CISA #SecureByDesign #AICoding #SoftwareSupplyChain