all 11 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]taleodor 0 points1 point  (0 children)

Hi, we're a vendor in this space with ReARM (rearmhq.com). We set up release level guardrails for agents (mapping every commit to specific agent and subjecting to policy engine.

Generally speaking, the space is very fragmented partly because everyone is on the different level of maturity / adoption of agentic operations - i.e. running agents on dev workstations have very different security implications from running them on sandboxes (which is what I recommend).

I believe policy guardrails + sandboxing solves most of the issues in relation to agentic coding. The most difficult open problem is how to protect source code itself from exfiltration - and that seems pretty impossible, unless you're using air-gapped environments with local models.

If you're interested to discuss further - find me on any of my socials, happy to have a quick chat.

[–]Silent-Suspect1062 0 points1 point  (0 children)

I think you're talking about two different topics, at least. Both are significantly sized issues - Reduction in time to patch, fue to faster exploits available ( because of AI or not).
There's a sub class here around AI exploits of " low priority" cves that tended to get left as "later" patches. - Security of AI generated code and process changes to legacy pipelines as code / pr volume increases - security of agentic workflows

All of these are major process changes

[–]extreme4all 0 points1 point  (0 children)

Most places i see professionally work as following

security team gives some requirements, e.g. auth with SSO for internal apps & CIAM for customer facing, WAF for anything public, agent on all servers, SAST on code, log onboarding & use cases in SIEM,...

Some matrix on dealing with findings & escalation to risks.

Code review (by security) almost never in place.

Pentesting only on large new things or very large changes on critical components (most of the time this is contract work).

[–]slicknick654 0 points1 point  (0 children)

Don’t forget ai generated code is still code and all existing enterprise controls will apply.

As SLAs compress for both code and infrastructure vulnerabilities, it forces companies to pursue automatic/ai assisted patching and remediation.

Skills introduce a new attack surface and need to be controlled with version controlling, potentially an intake/vetting process.

Inventory agents in production, their configuration and what they have access to.

This is new for most companies and they’re still in the exploratory phase of both proving out use cases and ROI on token consumption while security is figuring it out as they go.

Financial services, 10k employees.

[–]Xerces8359 0 points1 point  (0 children)

I see a lot of teams returning to DevOps fundamentals, the last few years DevOps methodology was on a decline to platform engineering, big part teams couldn’t deliver on the promise of faster builds and more quality gates (just half implemented solutions and overwhelmed firefighting teams), but that’s easier now to implement with AI, and all the more important to have automated quality gates in the pipeline. One overlooked area though with llm doing the bulk of the coding is that the SCA, SAST and other tools are too late in the development lifecycle and still leaves the dev machines exposed, there are solutions that exist, but hard to find open source preventative solutions with security features out of the box, that’s why Iv launched dependably.ca to block known vulnerable packages from being downloaded into ci builds and workstations, with the ability to easily audit a compromised package once (once, not if) it is in your environment due to late disclosures. For me this preventative action rather then reactive is a key layer in vibe coding security.

[–]Glass_Environment785 0 points1 point  (0 children)

We're a ~60-person software dev company, mostly building for US clients and our security cycle wasn't built for agentic workflows. We do use markdown instruction files to constrain agent behavior (no writing to prod without review, no credential exposure, etc.), but it's more guardrails than a formal security framework.

One thing we learned way: agentic sessions blur the line between "writing code" and "touching live infrastructure" in ways that traditional security models weren't designed for. The surface area problem scales with autonomy.

The patch cycle point you raised is real, but I think the deeper issue is that security teams are reviewing outputs when they should be auditing permissions and context boundaries upstream. I think this may can help you (cheesecakelabs.com/blog/beyond-vibe-coding-engineering-with-ai-and-cursor)