DryRun Security

Will you be at #BSidesAustin in a few weeks? We are excited to be a sponsor this year! ?? There are lots of great topics and workshops: from selling security to execs to using RAG and LLMs in security. ?? See the schedule here: https://lnkd.in/gemacExn If you're going, stop by and say hi. We'd love to talk to you about AI and AppSec and what we're doing in this space. Like to join us there? Here's the link to register: https://lnkd.in/g2KuWYGa

We've got a new blog post for you exploring how Large Language Models (LLMs) are taking the field of application security to the next level. ???? Ken Johnson illustrates the transformative potential of LLMs to: ??scale your team ? identify risks in code changes ? empower developers ? highlight significant security-impacting modifications ?? Link to the full post in the comments #AI #Cybersecurity #LLMs #ApplicationSecurity #DevSecOps

It's not too late to register! Today at 1pm EST Ken Johnson shares our journey of leveraging Large Language Models (LLMs) for application security. ?? Discover how we're moving beyond traditional static analysis to find nuanced security issues in code. In this session, you'll learn about the challenges we have faced, the lessons we learned, and the innovative methods we've developed. ???Bring your questions for the live Q&A after Ken’s presentation! Nov. 14 ? 1pm EST ???Register at https://lnkd.in/gBPSPmSC This webinar is part of a series titled AI-powered AppSec. Follow us here to stay up to date with our latest sessions from the series. #AI #Cybersecurity #LLM #ApplicationSecurity #Innovation

New Absolute AppSec course! Dec 2 & 3 Held **VIRTUALLY** by Seth Law and I. Check the comments for the registration link!

Tomorrow is the day Ken Johnson, Co-founder and CTO of DryRun Security, shares our journey of leveraging Large Language Models (LLMs) for application security. ?? Discover how we're moving beyond traditional static analysis to find nuanced security issues in code. In this session, you'll learn about the challenges we have faced, the lessons we learned, and the innovative methods we've developed. ???Bring your questions for the live Q&A after Ken’s presentation! Nov. 14 ? 1pm EST ???If you haven't registered yet, there's still time: https://lnkd.in/gBPSPmSC This webinar is part of a series titled AI-powered AppSec. Follow us here to stay up to date with our latest sessions from the series. #AI #Cybersecurity #LLM #ApplicationSecurity #Innovation

Life teaches us lessons… we’re sharing ours from our journey with LLMs and AppSec at DryRun Security Join us on Thursday for a virtual session where Ken Johnson will share pitfalls and learnings and take questions! Link to register is in the comments.

SAST and, really, a large swath of AppSec, use scare tactics and FUD to get adoption. However, modern leaders have realized this isn't the approach that moves the needle. So, there's been a doubling down on security champion programs to foster developer engagement, secure by default in lang/frameworks, paved paths for deployment, ... Well, the new trend, as I am sure you know, is leveraging AI and LLMs for appsec tasks. DryRun Security is changing the name of the game for SAST, so it's not just pattern-matching scare tactics, but using contextually relevant analysis on every code change to deliver meaningful guidance to developers and insight to appsec engineers. Over the last year of building the product, we've learned a ton about LLMs and AI for AppSec. This week, Ken Johnson, CTO of DryRun Security, is hosting a webinar where we'll cover our journey and the lessons we've learned along the way. You should join us for the conversation! Whether you're exploring AI for AppSec for the first time or you've already been experimenting, this talk will help you avoid common pitfalls and get up-to-speed faster. Please signup and bring a friend; it's free! Sign up here > https://lnkd.in/gjX3vgTX

One area where LLMs truly shine is their ability to summarize the behavior of code. With the right setup, they can provide a clear, high-level understanding of what code is doing, which can be incredibly useful for spotting behavioral anomalies. This is just one of the many learnings we've had at DryRun security over the last year. Want to hear more? Sign up for our free webinar where DryRun Security CTO, Ken Johnson shares more. https://lnkd.in/g8UPnzCj

UPDATE: This online course has been moved to December 2nd and 3rd. Please update your calendars or register now if you're interested in Harnessing LLMs for Application Security. Ken Johnson and Seth Law have developed "Harnessing LLMs for Application Security", a new stand-alone course for infosec professionals who’d like to incorporate #AIagents and other #LLM technologies into their day-to-day work flow. The course is being offered for the first time online on N?o?v?e?m?b?e?r? ?7?-?8? December 2nd and 3rd. Harnessing LLMs for #AppSec grew out of Seth and Ken’s Practical Secure Code Review course that has incorporated LLMs into the Absolute AppSec methodology for #SecureCodeReview because some students found the information covered in the new incarnation of the Secure Code Review course regarding the use of LLMs to be both valuable and worthy of a special focus on its own.? To meet that demand then, the objectives of the new course include: ? Understanding #Langchain and #PromptEngineering ? Getting familiar with LLM types, and exploring which options can best help perform AppSec-related and other tasks. ? Hands-on techniques like Retrieval-Augmented Generation (RAG) and Few-Shot Prompting for secure code analysis and threat modeling.? ? Integration of AI into security tasks to identify vulnerabilities and improve overall application security. ? How to fine tune AI agent interaction so you improve the results you see To register for this training and to get more information on Seth and Ken’s courses, check out the Absolute AppSec training site https://lnkd.in/gpdQQxbW. For this training, the course overview can be found here: https://lnkd.in/g9WZkPqV

Join Ken Johnson, Co-founder and CTO of DryRun Security, as he shares our journey leveraging Large Language Models (LLMs) for application security. ?? Discover how we're moving beyond traditional static analysis to find nuanced security issues in code. In this session, you'll learn about the challenges we have faced, the lessons we learned, and the innovative methods we've developed. ???Bring your questions for the live Q&A after Ken’s presentation! Nov. 14 ? 1pm EST ???Link to register is in the comment This webinar is part of a series titled AI-powered AppSec. Follow us here to stay up to date with our latest sessions from the series. #AI #Cybersecurity #LLM #ApplicationSecurity #Innovation