公式動画ピックアップ
AAPL
ADBE
ADSK
AIG
AMGN
AMZN
BABA
BAC
BL
BOX
C
CHGG
CLDR
COKE
COUP
CRM
CROX
DDOG
DELL
DIS
DOCU
DOMO
ESTC
F
FIVN
GILD
GRUB
GS
GSK
H
HD
HON
HPE
HSBC
IBM
INST
INTC
INTU
IRBT
JCOM
JNJ
JPM
LLY
LMT
M
MA
MCD
MDB
MGM
MMM
MSFT
MSI
NCR
NEM
NEWR
NFLX
NKE
NOW
NTNX
NVDA
NYT
OKTA
ORCL
PD
PG
PLAN
PS
RHT
RNG
SAP
SBUX
SHOP
SMAR
SPLK
SQ
TDOC
TEAM
TSLA
TWOU
TWTR
TXN
UA
UAL
UL
UTX
V
VEEV
VZ
WDAY
WFC
WK
WMT
WORK
YELP
ZEN
ZM
ZS
ZUO
公式動画&関連する動画 [Pop Goes the Stack | Is AI making security obsolete? | AI Code]
What happens if AI finally writes secure code by default? In this episode of Pop Goes the Stack, #F5's Lori MacVittie, Joel Moses, and Ken Arora take that question seriously, even if it feels like a punchline today. The premise is simple: if AI starts producing mechanically correct, vulnerability-free code at scale, the security industry doesn’t disappear. It gets forced up the stack.
They outline the near-term reality first: #AI can already find and fix large classes of common issues in legacy code, and we’re likely heading into a chaotic cleanup phase as tools like Mythos-style systems accelerate remediation. But longer term, the conversation shifts to the uncomfortable tradeoff: code quality may improve faster than complexity shrinks. And complexity is where authority problems, logic flaws, and operational failures thrive.
Ken uses a practical analogy: a “perfectly safe driver” can still follow a GPS off a cliff. Likewise, perfect code can implement flawed or exploitable business logic flawlessly. Ticket scalping, abuse of workflows, and manipulation of incentives aren’t bugs; they’re behavior and design gaps. The bigger risk becomes how systems are orchestrated, who has permission to do what, and how autonomous components interpret intent.
They also flag the adversarial side: attackers won’t stop; they’ll shift from injecting obvious vulnerabilities to subtly influencing specs, workflows, and machine-generated architectures. As specs in plain language become the new “source code,” more people will be able to build powerful systems without the instinct to think like an attacker, widening the logic-attack surface.
The takeaway is a shift in mindset: security becomes less about chasing broken code and more about governing boundaries and monitoring behavior. AI will increasingly do exactly what you ask, which makes the new security imperative painfully clear: be precise about what you ask it to do, and enforce what it’s allowed to do when it tries to go beyond that.
Chapters:
00:00 Welcome to Pop Goes the Stack
00:17 What if AI finally writes secure code? (try not to laugh)
01:36 Two fronts: AI writes code + AI finds/fixes vulnerabilities
03:31 Short term: Cleaning up decades of vulnerable human code
04:09 Long term: Governance replaces bug-hunting as the bottleneck
04:25 Perfect driver, bad GPS: Flawless code can ship bad ideas
07:25 Does AI reduce risk faster than it increases complexity?
08:21 Behavior becomes the battleground: Business-logic attacks
09:05 Adversarial AI: Subtly injecting vulnerabilities on purpose
10:59 Think like an attacker: Abuse paths and spec weaknesses
12:01 Spec-to-code future: Untrained “spec writers” become the risk
14:48 New mantra: Boundaries + Behavior (B&B security)
15:51 What are the safeguards when writing code is democratized?
16:59 Security isn’t becoming obsolete, it's getting promoted
17:38 Key takeaways: Governance, boundaries, and be careful what you ask for
Learn how you can stay ahead of the curve and keep your stack whole with additional insights on app security, multicloud, AI, and emerging tech: https://go.f5.net/efnqndar
More about F5: https://go.f5.net/5d56be3g
Read our blog: https://go.f5.net/wm806ar6
Follow us on LinkedIn: https://go.f5.net/79y98qtv
46
2