More WAFs in Blocking Mode and More Security Headaches from LLMs – Sandy Carielli, Jan… – ASW #326

Summary: The video discusses the evolving landscape of application security, focusing on insights from experts Sandy Carielli and Janet Worthington on breaches, secure practices, and the introduction of tools leveraging AI, particularly LLMs. It emphasizes the importance of “secure by design” principles, lessons from past breaches, and the shift towards more integrated security tools in organizations.

Keypoints:

  • Organizations are tightening budgets, prompting a shift in security focus towards practical implementations rather than costly add-ons.
  • Experts highlighted significant breaches from 2024, noting an increase in records stolen and privacy violations.
  • Healthcare breaches caused substantial disruptions, showing the critical importance of protecting patient data.
  • The need for customers to understand and demand robust security practices from SaaS vendors was emphasized.
  • Multi-Factor Authentication (MFA) is crucial but should not be the sole focus; secure design practices must be prioritized from the start.
  • Web Application Firewalls (WAFs) are evolving into unified platforms, improving their functionality beyond basic protections.
  • The transition from alert-only mode to blocking mode in WAFs indicates a growing trust in these protective measures.
  • LLMs are beginning to assist in application security by generating candidate fixes and clearer explanations of findings; the benefit is real but still early, and the output needs review like any other untrusted code.
  • Slop squatting, a new trend tied to LLMs, works by an attacker registering package names that models tend to hallucinate, so a developer who installs a suggested dependency pulls the attacker's package; it emphasizes the need to verify that an LLM-suggested package actually exists and who publishes it before adding it to a project.
  • Secure design should be a foundational principle, considering both the software development lifecycle and the long-term operational context in which software will exist.
  • The comparison between components and containers highlights the importance of considering performance, maintenance, and security in new software architectures.
  • Research on PLCs reveals widespread insecure designs and emphasizes the necessity for enhanced recovery measures after an attack.
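The slop-squatting point above is the one a practitioner can act on directly. Below is an added example (not code from the episode, the guests, or any project they mention) of a pre-install check for LLM-suggested Python requirements: names must come from a reviewed allowlist (standing in for a lockfile), must be pinned with a version and hash so pip's `--require-hashes` mode can enforce them, and names within a couple of edits of an allowed package are flagged as look-alikes. The allowlist, requirement lines and digests are all constructed for the demonstration.

```python
"""
Pre-install check for LLM-suggested dependencies (added example).

Slop squatting: a model hallucinates a plausible package name, an attacker
registers it on the public index, and the next developer who pastes the
suggestion installs attacker code. Three cheap, offline controls:

1. Only accept names present in a reviewed allowlist (e.g. the lockfile).
2. Flag names that are a one- or two-edit variation of an allowed name.
3. Refuse unpinned lines: a bare name cannot be audited or reproduced.
"""
import re
from dataclasses import dataclass

# Constructed allowlist: stands in for names taken from a reviewed lockfile.
ALLOWED = {"requests", "cryptography", "pyjwt", "boto3", "pydantic"}

# name, optional ==version pin, and the remainder (hash options, markers).
REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==\s*[\w.+-]+)?(.*)$")


@dataclass
class Finding:
    name: str
    verdict: str   # "ok", "unpinned", "lookalike" or "unknown"
    detail: str


def normalize(name):
    # PEP 503 name normalisation: lowercase, runs of [-_.] become a single "-".
    return re.sub(r"[-_.]+", "-", name).lower()


def edit_distance(a, b):
    # Levenshtein distance via the standard row-by-row dynamic programme.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_requirement(line, allowed=ALLOWED, max_edits=2):
    m = REQ_LINE.match(line.strip())
    if not m:
        return Finding(line.strip(), "unknown", "unparseable requirement line")
    raw, pin, rest = m.groups()
    name = normalize(raw)
    allowed_norm = {normalize(a) for a in allowed}
    if name in allowed_norm:
        if not pin or "--hash=" not in rest:
            return Finding(name, "unpinned",
                           "allowed name but no ==version with --hash pin")
        return Finding(name, "ok", "allowed, version and hash pinned")
    near = sorted(a for a in allowed_norm if 0 < edit_distance(name, a) <= max_edits)
    if near:
        return Finding(name, "lookalike",
                       f"within {max_edits} edits of allowed package(s) {near}")
    return Finding(name, "unknown",
                   "not in allowlist; confirm the package exists and who "
                   "publishes it before adding")


def check_requirements(text, allowed=ALLOWED):
    """Run check_requirement over every non-blank, non-comment line."""
    findings = []
    for line in text.splitlines():
        s = line.strip()
        if not s or s.startswith("#"):
            continue
        findings.append(check_requirement(s, allowed))
    return findings


# Constructed requirements file resembling what an assistant might emit.
# The digests are placeholders, not real hashes of any release.
FAKE_HASH_A = "sha256:" + "0" * 64
FAKE_HASH_B = "sha256:" + "1" * 64
SAMPLE = "\n".join([
    f"requests==2.32.3 --hash={FAKE_HASH_A}",   # allowed and fully pinned
    "cryptography",                             # allowed but unpinned
    f"requsts==2.32.3 --hash={FAKE_HASH_B}",    # one edit from "requests"
    "aws-sdk-helper-utils==1.0.0",              # plausible-sounding, unknown
])

if __name__ == "__main__":
    for f in check_requirements(SAMPLE):
        print(f"{f.verdict:9} {f.name}: {f.detail}")
```

Run it over a requirements file before `pip install --require-hashes`; anything other than `ok` goes to a human. The allowlist should be generated from the project's real lockfile, and the "unknown" verdict is deliberately a stop rather than a lookup, since a package existing on the index is exactly what a slop-squatter arranges.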

Youtube Video: https://www.youtube.com/watch?v=OKnP1PR-PH0
Youtube Channel: Security Weekly – A CRA Resource
Video Published: Tue, 15 Apr 2025 09:00:35 +0000
