In technology companies, AI is already going beyond the trend and influencing products, engineering, and daily business processes. Along with opportunities come challenges: working with sensitive data, security requirements, and the complexity of integration into existing systems. In such conditions, it is important to understand where AI really creates value and where it just adds noise. During the discussion, participants share their practical experience: how they implement AI in their products, adapt engineering processes, and restructure operations for new tools. This is a conversation about real pain points, opportunities, and solutions that help teams move forward.

A discussion with representatives of high-risk systems about why security architecture should be incorporated at the design and development stage, rather than added after release into production. We will talk about the risks of delayed implementation of controls, common security illusions, and practical approaches to integrating security practices into the work of product teams.

The talk focuses on developing and integrating automation tools to enhance Supply Chain security. It addresses reproducible security practices with tools like Renovate and Wiz, as well as GitLab and JFrog Artifactory, to enforce consistent security scans seamlessly within existing workflows.

Do machines hallucinate insecure code? In the blink of an eye we jumped on the AI bandwagon and pivoted from AI skepticism to AI adoption, but what did we trade off exactly? Writing secure code is tougher than it seems and we humans are getting it wrong time and time again. Even highly popular open-source software projects are repeatedly found vulnerable. So how does ChatGPT or GitHub Copilot live up to standards of secure software? developers have already embraced AI for augmented software development but let's challenge those AI tools you've come to rely on day-to-day and see how capable they are in producing secure software.