{"id":23650,"date":"2023-10-05T09:30:00","date_gmt":"2023-10-05T07:30:00","guid":{"rendered":"https:\/\/www.codemotion.com\/magazine\/?p=23650"},"modified":"2023-10-27T12:49:29","modified_gmt":"2023-10-27T10:49:29","slug":"ai-tools-and-security","status":"publish","type":"post","link":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/","title":{"rendered":"Using AI to Develop More Secure Software"},"content":{"rendered":"\t\t\t\t<div class=\"wp-block-uagb-table-of-contents uagb-toc__align-left uagb-toc__columns-1  uagb-block-9d236ae5      \"\n\t\t\t\t\tdata-scroll= \"1\"\n\t\t\t\t\tdata-offset= \"30\"\n\t\t\t\t\tstyle=\"\"\n\t\t\t\t>\n\t\t\t\t<div class=\"uagb-toc__wrap\">\n\t\t\t\t\t\t<div class=\"uagb-toc__title\">\n\t\t\t\t\t\t\tTable Of Contents\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"uagb-toc__list-wrap \">\n\t\t\t\t\t\t<ol class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#ethical-use-of-ai-in-cybersecurity-an-introduction\" class=\"uagb-toc-link__trigger\">Ethical use of AI in cybersecurity: an introduction<\/a><li class=\"uagb-toc__list\"><a href=\"#the-role-of-ai-in-cybersecurity-the-good-the-bad-and-the-risky\" class=\"uagb-toc-link__trigger\">The role of AI in cybersecurity: the good, the bad and the risky<\/a><ul class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#threat-detection-and-prevention\" class=\"uagb-toc-link__trigger\">Threat detection and prevention<\/a><li class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#authentication\" class=\"uagb-toc-link__trigger\">Authentication<\/a><li class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#network-monitoring\" class=\"uagb-toc-link__trigger\">Network monitoring<\/a><\/li><\/ul><\/li><li class=\"uagb-toc__list\"><a href=\"#the-most-common-ai-driven-attacks-today\" class=\"uagb-toc-link__trigger\">The most common AI-driven attacks today<\/a><ul class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#data-poisoning\" class=\"uagb-toc-link__trigger\">Data poisoning<\/a><li class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#evasion-attacks\" class=\"uagb-toc-link__trigger\">Evasion attacks<\/a><li class=\"uagb-toc__list\"><li class=\"uagb-toc__list\"><a href=\"#confidentiality-attacks\" class=\"uagb-toc-link__trigger\">Confidentiality attacks<\/a><\/li><\/ul><\/li><\/ul><\/li><li class=\"uagb-toc__list\"><a href=\"#a-comprehensive-approach-to-application-security-testing\" class=\"uagb-toc-link__trigger\">A comprehensive approach to application security testing<\/a><li class=\"uagb-toc__list\"><a href=\"#ai-and-the-future-of-applications-security\" class=\"uagb-toc-link__trigger\">AI and the Future of Applications Security<\/a><li class=\"uagb-toc__list\"><a href=\"#the-art-of-reducing-security-debt-in-3-key-steps\" class=\"uagb-toc-link__trigger\">The art of reducing security debt in 3 key steps<\/a><\/ul><\/ul><\/ol>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\n\n\n<p>Artificial intelligence today is playing an increasing role in<a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/5-tips-for-boosting-api-security\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"ek-link\"> software security<\/a>, but as with many domains, it offers both benefits and risks. AI systems may be used to handle many of the day-to-day tasks of security professionals to increase productivity and reduce human error. But they also bring new security threats that could be difficult to counter. This means we need to think carefully to ensure the best and most ethical use of AI in cybersecurity. For this article, we&#8217;re drawing on insights from security experts Veracode. We&#8217;ll look at the main concepts of AI in digital security, the threats it poses, and ways in which it can be used to improve productivity and reliability.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ethical-use-of-ai-in-cybersecurity-an-introduction\"><strong>Ethical use of AI in cybersecurity: an introduction<\/strong><\/h2>\n\n\n\n<p>Software security is an ever-changing field where professionals need to stay on their toes. It also entails many laborious day-to-day tasks, such as monitoring security updates, network alerts, testing, and regular maintenance. These tasks are vital, particularly in areas where sensitive data is being handled. So any system that can avoid human errors caused by oversight or tiredness is surely a benefit. In this context, AI offers the benefits of reliable and fast data processing, and with learning algorithms, it can adapt effectively to changing threat landscapes.<\/p>\n\n\n\n<p>But without careful oversight, AI can itself become unaccountable and unpredictable. Additionally, some malicious actors are now using intelligent technologies to counter existing security protections. <strong>We thus need an<a aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.codemotion.com\/magazine\/dev-life\/stories\/developer-ethics\/\" target=\"_blank\" rel=\"noreferrer noopener\" class=\"ek-link\"> ethical approach<\/a> to the use of AI in cybersecurity to guard against misuse and unintended consequences<\/strong>. The ethics of technology is a huge topic in itself, but three guidelines are worth keeping in mind from the start:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Education<\/strong> &#8211; we ought to understand the systems we use regularly with all their value implications. Technicians should comprehend the mathematics and algorithmic underpinnings of their software. Meanwhile, legal, regulatory and security professionals require a basic understanding of the ecosystem to inform their own practices.<br><\/li>\n\n\n\n<li><strong>Transparency<\/strong> &#8211; just as we ask human actors to give rationales, we should expect the same of AI. The concept of explainable technologies is not unique to AI and a &#8216;right to explanation&#8217; is already inherent in regulations like the EU&#8217;s<a href=\"https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX%3A02016R0679-20160504\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"ek-link\"> GDPR<\/a>.<br><\/li>\n\n\n\n<li><strong>Oversight<\/strong> &#8211; while a great promise of AI is to act independently of human control, we still need caution. AI in systems like cybersecurity should be combined with human judgment and authorization so that we retain ultimate responsibility.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-role-of-ai-in-cybersecurity-the-good-the-bad-and-the-risky\"><strong>The role of AI in cybersecurity: the good, the bad and the risky<\/strong><\/h2>\n\n\n\n<p>There are various types of tools in use today for both offensive and defensive security measures. CISOs should be fully aware of these technologies and their usage to stay on top of their game. Here are three core categories:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-threat-detection-and-prevention\"><strong>Threat detection and prevention<\/strong><\/h3>\n\n\n\n<p>Human vigilance and insight are essential to identify malware. Because of the rapidly changing nature of such threats, standard automated tools need near-constant updating to stay relevant. <strong>AI offers a more dynamic approach to threat detection with constant learning from vast datasets<\/strong>. Plus, AI-driven text analysis can churn through large masses of emails and other messages to detect threats like phishing attempts at speed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-authentication\"><strong>Authentication<\/strong><\/h3>\n\n\n\n<p>Central to software security, authentication is the sine qua non of sensitive data management. AI data processing can be of use in analyzing biometric data like fingerprint and facial recognition. It can also identify subtler symptoms of unauthorized access through techniques like <a href=\"https:\/\/www.nature.com\/articles\/s41386-020-0776-y\" target=\"_blank\" aria-label=\"behavioral analysis (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"ek-link\">behavioral analysis<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-network-monitoring\"><strong>Network monitoring<\/strong><\/h3>\n\n\n\n<p>Safe networking policies can be very fine-grained and hard to configure, especially with complex and changing network topographies. AI can help to analyze and stay on top of ongoing operations and security threats, by quickly processing large masses of data. This facilitates enforcing a<a href=\"https:\/\/www.cisco.com\/c\/en\/us\/solutions\/automation\/what-is-zero-trust-networking.html\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"ek-link\"> zero-trust networking<\/a> approach.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-most-common-ai-driven-attacks-today\"><strong>The most common AI-driven attacks today<\/strong><\/h2>\n\n\n\n<p>We&#8217;ve seen how AI can be used to improve software security processes. But just as important are the myriad new ways in which AI is being deployed to threaten secure systems through what is known as<a href=\"https:\/\/arxiv.org\/pdf\/2002.05646v3.pdf\" target=\"_blank\" aria-label=\" (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"ek-link\"> &#8216;adversarial ML&#8217;<\/a> Let&#8217;s consider three examples:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-data-poisoning\"><strong>Data poisoning<\/strong><\/h3>\n\n\n\n<p>AI and ML are only as reliable as their training data. Data poisoning is an approach that uses deliberately misleading sources to disrupt the integrity of AI models. AI&#8217;s lack of a single source of truth makes it possible to introduce incorrect classifications through poisoned data &#8211; similar to the idea of &#8216;deepfakes&#8217;. These may be used to compromise malicious behavior recognition, and can even be used to generate back doors for illicit access.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-evasion-attacks\"><strong>Evasion attacks<\/strong><\/h3>\n\n\n\n<p>Evasion techniques are used with pre-existing models once deployed. These processes require an insight or inference of the model data and classificatory system. With such knowledge, hackers can present disguised entities that are not what they seem and, armed with this deception, gain unauthorized access to sensitive systems. A remarkable example of this is a case of a human-form detection system fooled by<a href=\"https:\/\/taskandpurpose.com\/news\/marines-ai-paul-scharre\/\"> intruders hiding in a cardboard box<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-confidentiality-attacks\"><strong>Confidentiality attacks<\/strong><\/h3>\n\n\n\n<p>AI can also be used to spoof identities in authentication checks. By a process of model reverse-engineering, hackers are able to prompt AI systems to (re-)generate protected entities which can then be used to forge access to sensitive information of various kinds.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-a-comprehensive-approach-to-application-security-testing\"><strong>A comprehensive approach to application security testing<\/strong><\/h2>\n\n\n\n<p>Given the modalities and fast pace of new threats, it&#8217;s important to take a comprehensive approach to software security testing. Many dedicated security tools are available. These may invoke authentication challenges, network security, malware detection and other target areas. A particularly useful feature is the ability to automate asset detection. This reduces complex setup and maintenance processes and helps to mitigate human error or oversight. It can also aid with dynamic systems and operating environments, helping to ensure that the whole system is kept monitored.<\/p>\n\n\n\n<p>Some kind of threat prioritization is essential when faced with the results of comprehensive testing. Again, automation and AI can help by drawing on extensive and up-to-date data sources. Finally, while some tools specialize in key areas, it is essential to consider all relevant aspects of security. Exactly what this covers will depend on the industry sector and services in question, but common areas are cloud security, container management, SQL injection checks, and malware detectors.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-1024x576.jpg\" alt=\"IoT security, AI Tools and security\" class=\"wp-image-20028\" srcset=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-1024x576.jpg 1024w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-300x169.jpg 300w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-768x432.jpg 768w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-896x504.jpg 896w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207-400x225.jpg 400w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/01\/iStock-1319188207.jpg 1365w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Taking a comprehensive approach to software security testing is key.<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-ai-and-the-future-of-applications-security\"><strong>AI and the Future of Applications Security<\/strong><\/h2>\n\n\n\n<p>AI is becoming increasingly essential to cybersecurity and application security testing. Organizations require AI to secure assets that power their business. As cyber-attacks become more sophisticated and widespread and leverage AI, organizations will need to rely on AI-powered security solutions to protect their systems and data.<\/p>\n\n\n\n<p>Hackers have embraced AI to unleash attacks on vulnerable software and will do so at an increasing rate in the future. A manual approach to software security will be untenable and organizations will need to embrace an automated security solution with the history and intelligence to identify and automatically remediate risk based on policy decisions.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>The Next Generation of Application Security Testing<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Overall, Chat GPT represents a significant breakthrough in the field of natural language processing. Additionally, it has the potential to revolutionize the way humans interact with computers and digital assistants. Many companies, like Veracode, are leveraging this technology to automate the resolution of application security risks.<\/p>\n\n\n\n<p><strong>Veracode Fix<\/strong> is based on the Transformer architecture which is a type of deep learning model used in natural language processing (NLP) that was introduced by researchers at Google in 2017. It has since become a widely used architecture in NLP, powering many of the state-of-the-art language models used today.<\/p>\n\n\n\n<p>The future of application security testing will be deeply rooted in AI responses to common exploits. As hackers leverage AI to exploit application vulnerabilities at greater frequency, organizations must leverage tools and technologies that enable them to respond quickly, intelligently, and with a set of rules that govern those responses. Veracode\u2019s implementation of AI does exactly this by way of Veracode Fix.<\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"2\">\n<li><strong>Beyond Static Code Analysis and onto Cloud-Native Security<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Veracode Fix, in its first implementation, will help developers remediate static security findings across all major programming languages. But much like the rest of the AI space, Veracode\u2019s use of AI will evolve rapidly to deliver incremental value across the entire SDLC.<\/p>\n\n\n\n<p>The future of software security will be less about finding and fixing vulnerabilities and instead focused on preventing security vulnerabilities from ever making their way into the code base and source code repositories. Veracode will lead in these advancements in the following areas:<\/p>\n\n\n\n<p>1. <strong>Prevention<\/strong>: prevent developers from importing libraries or transient dependencies in open-source libraries that have known vulnerabilities giving security professionals the confidence that new security vulnerabilities are not being introduced through the rapid consumption of open-source software.<\/p>\n\n\n\n<p>2. <strong>Infrastructure-as-code:<\/strong> intelligent interpretation of code fragments and their potential negative impact on security will be key to securely enabling developers to consume code fragments.<\/p>\n\n\n\n<p>3. <strong>Container Images<\/strong>: a comprehensive and intelligent detection mechanism will be key to disallowing the adoption of <a href=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/container-images-technical-refresher-and-security-best-practices\/\" target=\"_blank\" aria-label=\"container images that are not secure (opens in a new tab)\" rel=\"noreferrer noopener\" class=\"ek-link\">container images that are not secure<\/a> leading to potential \u2018all access\u2019 exploits when run in production.<\/p>\n\n\n\n<p>These future advancements will be an important step to enable developers to code quickly and securely. By preventing the consumption and inclusion of OSS, container images, base operating systems, and IaC code fragments that are not secure, Veracode Fix will prevent the most important software security vulnerabilities from ever making their way into an organization&#8217;s code base.<\/p>\n\n\n\n<p>This will be a huge step forward as organizations transition from scanning, reporting, and fixing to proactive preventative development practices.<\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\">\n<li><strong>The Future is Bright for AI driver application security tools<\/strong><\/li>\n<\/ol>\n\n\n\n<p>The impact of AI on application security testing cannot be overstated. With Veracode Fix, developers, and security teams have a powerful tool that can significantly improve the security of their applications. By automating the identification and resolution of security risks in code, Veracode Fix can save time and resources while also ensuring that applications are secure from the outset.<\/p>\n\n\n\n<p>As we look to the future, it&#8217;s clear that AI will continue to revolutionize the way we approach technology and security. However, it&#8217;s up to us to harness its power responsibly and ethically. We must work together to share perspectives on <strong>how AI impacts businesses<\/strong>, society, and government regulation, and the potential implications of this technology.<\/p>\n\n\n\n<p>Therefore, we encourage you to connect with us and share your insights on how AI is impacting your business and society as a whole. Let&#8217;s work together to ensure that AI is used for good and that we can all benefit from its many advantages. The future is bright, and while machines are not taking over, they will undoubtedly be here to stay.<\/p>\n\n\n\n<p>Let&#8217;s embrace this technology and use it to create a better, more secure world. The following section will dive more deeply into what the threat landscape looks like in the era of AI.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-art-of-reducing-security-debt-in-3-key-steps\"><strong>The art of reducing security debt in 3 key steps<\/strong><\/h2>\n\n\n\n<p>When a shortfall arises between operating threat levels and compromised security measures, this is known as security debt. This deficit can have detrimental effects on your data, stability, and reputation. But it is possible to reduce it with forward-looking strategies.<\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"2\">\n<li><strong>Assessment and prioritization<\/strong><\/li>\n<\/ol>\n\n\n\n<p>A solid vulnerability assessment is an essential starting point for your software security plan. There are many tools available to help with this and, particularly if starting from scratch, you may consider contracting a specialist company to ensure a comprehensive approach. Your assessment should include a determination of your vulnerabilities&#8217; likelihood and threat profile. Based on this, you can prioritize high risks to gain the largest security wins early on.<\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\">\n<li><strong>Robust security implementation<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Implementing a robust response to your critical threats is the next step. This may entail technical interventions in areas like network security, authentication processes,<a href=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/cloud-security-checklist\/\"> cloud policies<\/a>, and security monitoring. Systems should be kept up-to-date, with all relevant security patches applied. However, don&#8217;t forget the human aspect as well &#8211; employees should be educated in security best practices to be aware of both technology-driven as well as interpersonal security defenses.<\/p>\n\n\n\n<ol class=\"wp-block-list\" start=\"4\">\n<li><strong>Continuous improvement<\/strong><\/li>\n<\/ol>\n\n\n\n<p>The cyber-threat landscape is constantly changing, which means your security debt must be continually kept in check. Full, real-time monitoring of your networks and systems using AI tools can help to identify emergent issues. You should also regularly check and analyze logs for unusual behavior and employees must be encouraged to report security incidents. All such data can be used to drive continuous improvements.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/info.veracode.com\/veracode-solution-demo.html\" target=\"_blank\" rel=\"noreferrer noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"975\" height=\"250\" src=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/10\/BANNER-FOOTER-8.png\" alt=\"veracode codemotion articolo\" class=\"wp-image-23665\" srcset=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/10\/BANNER-FOOTER-8.png 975w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/10\/BANNER-FOOTER-8-300x77.png 300w, https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/10\/BANNER-FOOTER-8-768x197.png 768w\" sizes=\"auto, (max-width: 975px) 100vw, 975px\" \/><\/a><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Artificial intelligence today is playing an increasing role in software security, but as with many domains, it offers both benefits and risks. AI systems may be used to handle many of the day-to-day tasks of security professionals to increase productivity and reduce human error. But they also bring new security threats that could be difficult&#8230; <a class=\"more-link\" href=\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\">Read more<\/a><\/p>\n","protected":false},"author":64,"featured_media":21423,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_editorskit_title_hidden":false,"_editorskit_reading_time":0,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","_uag_custom_page_level_css":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[46],"tags":[10368],"collections":[11387],"class_list":{"0":"post-23650","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-ai-ml","8":"tag-artificial-intelligence","9":"collections-top-of-the-week","10":"entry"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.9 (Yoast SEO v26.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>AI Tools and Security: A Chief Security Officer&#039;s Guide<\/title>\n<meta name=\"description\" content=\"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Using AI to Develop More Secure Software\" \/>\n<meta property=\"og:description\" content=\"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Codemotion Magazine\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Codemotion.Italy\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-05T07:30:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-27T10:49:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1341\" \/>\n\t<meta property=\"og:image:height\" content=\"782\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Codemotion\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CodemotionIT\" \/>\n<meta name=\"twitter:site\" content=\"@CodemotionIT\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Codemotion\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\"},\"author\":{\"name\":\"Codemotion\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/201bb98b02412383686cced7521b861c\"},\"headline\":\"Using AI to Develop More Secure Software\",\"datePublished\":\"2023-10-05T07:30:00+00:00\",\"dateModified\":\"2023-10-27T10:49:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\"},\"wordCount\":2056,\"publisher\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg\",\"keywords\":[\"Artificial Intelligence\"],\"articleSection\":[\"AI\/ML\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\",\"name\":\"AI Tools and Security: A Chief Security Officer's Guide\",\"isPartOf\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg\",\"datePublished\":\"2023-10-05T07:30:00+00:00\",\"dateModified\":\"2023-10-27T10:49:29+00:00\",\"description\":\"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg\",\"contentUrl\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg\",\"width\":1341,\"height\":782,\"caption\":\"this article shares best practices for AI applications. AI Tools and security.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.codemotion.com\/magazine\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AI\/ML\",\"item\":\"https:\/\/www.codemotion.com\/magazine\/ai-ml\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Using AI to Develop More Secure Software\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#website\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/\",\"name\":\"Codemotion Magazine\",\"description\":\"We code the future. Together\",\"publisher\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.codemotion.com\/magazine\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#organization\",\"name\":\"Codemotion\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png\",\"contentUrl\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png\",\"width\":225,\"height\":225,\"caption\":\"Codemotion\"},\"image\":{\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Codemotion.Italy\/\",\"https:\/\/x.com\/CodemotionIT\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/201bb98b02412383686cced7521b861c\",\"name\":\"Codemotion\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/cropped-codemotionlogo-150x150.png\",\"contentUrl\":\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/cropped-codemotionlogo-150x150.png\",\"caption\":\"Codemotion\"},\"description\":\"Articles wirtten by the Codemotion staff. Tech news, inspiration, latest treends in software development and more.\",\"sameAs\":[\"https:\/\/x.com\/CodemotionIT\"],\"url\":\"https:\/\/www.codemotion.com\/magazine\/author\/codemotion-2\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"AI Tools and Security: A Chief Security Officer's Guide","description":"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/","og_locale":"en_US","og_type":"article","og_title":"Using AI to Develop More Secure Software","og_description":"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.","og_url":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/","og_site_name":"Codemotion Magazine","article_publisher":"https:\/\/www.facebook.com\/Codemotion.Italy\/","article_published_time":"2023-10-05T07:30:00+00:00","article_modified_time":"2023-10-27T10:49:29+00:00","og_image":[{"width":1341,"height":782,"url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg","type":"image\/jpeg"}],"author":"Codemotion","twitter_card":"summary_large_image","twitter_creator":"@CodemotionIT","twitter_site":"@CodemotionIT","twitter_misc":{"Written by":"Codemotion","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#article","isPartOf":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/"},"author":{"name":"Codemotion","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/201bb98b02412383686cced7521b861c"},"headline":"Using AI to Develop More Secure Software","datePublished":"2023-10-05T07:30:00+00:00","dateModified":"2023-10-27T10:49:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/"},"wordCount":2056,"publisher":{"@id":"https:\/\/www.codemotion.com\/magazine\/#organization"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg","keywords":["Artificial Intelligence"],"articleSection":["AI\/ML"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/","url":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/","name":"AI Tools and Security: A Chief Security Officer's Guide","isPartOf":{"@id":"https:\/\/www.codemotion.com\/magazine\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage"},"thumbnailUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg","datePublished":"2023-10-05T07:30:00+00:00","dateModified":"2023-10-27T10:49:29+00:00","description":"Chief Security Officers now have AI tools aplenty to help boost their production. Discover more in this guide with insights from Veracode.","breadcrumb":{"@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#primaryimage","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg","width":1341,"height":782,"caption":"this article shares best practices for AI applications. AI Tools and security."},{"@type":"BreadcrumbList","@id":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/ai-tools-and-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.codemotion.com\/magazine\/"},{"@type":"ListItem","position":2,"name":"AI\/ML","item":"https:\/\/www.codemotion.com\/magazine\/ai-ml\/"},{"@type":"ListItem","position":3,"name":"Using AI to Develop More Secure Software"}]},{"@type":"WebSite","@id":"https:\/\/www.codemotion.com\/magazine\/#website","url":"https:\/\/www.codemotion.com\/magazine\/","name":"Codemotion Magazine","description":"We code the future. Together","publisher":{"@id":"https:\/\/www.codemotion.com\/magazine\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.codemotion.com\/magazine\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.codemotion.com\/magazine\/#organization","name":"Codemotion","url":"https:\/\/www.codemotion.com\/magazine\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png","width":225,"height":225,"caption":"Codemotion"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Codemotion.Italy\/","https:\/\/x.com\/CodemotionIT"]},{"@type":"Person","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/201bb98b02412383686cced7521b861c","name":"Codemotion","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/image\/","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/cropped-codemotionlogo-150x150.png","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/cropped-codemotionlogo-150x150.png","caption":"Codemotion"},"description":"Articles wirtten by the Codemotion staff. Tech news, inspiration, latest treends in software development and more.","sameAs":["https:\/\/x.com\/CodemotionIT"],"url":"https:\/\/www.codemotion.com\/magazine\/author\/codemotion-2\/"}]}},"featured_image_src":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-600x400.jpg","featured_image_src_square":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-600x600.jpg","author_info":{"display_name":"Codemotion","author_link":"https:\/\/www.codemotion.com\/magazine\/author\/codemotion-2\/"},"uagb_featured_image_src":{"full":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg",1341,782,false],"thumbnail":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-150x150.jpg",150,150,true],"medium":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-300x175.jpg",300,175,true],"medium_large":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-768x448.jpg",768,448,true],"large":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-1024x597.jpg",1024,597,true],"1536x1536":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg",1341,782,false],"2048x2048":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg",1341,782,false],"small-home-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications.jpg",100,58,false],"sidebar-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-180x128.jpg",180,128,true],"genesis-singular-images":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-896x504.jpg",896,504,true],"archive-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-400x225.jpg",400,225,true],"gb-block-post-grid-landscape":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-600x400.jpg",600,400,true],"gb-block-post-grid-square":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2023\/06\/best-practices-AI-applications-600x600.jpg",600,600,true]},"uagb_author_info":{"display_name":"Codemotion","author_link":"https:\/\/www.codemotion.com\/magazine\/author\/codemotion-2\/"},"uagb_comment_info":0,"uagb_excerpt":"Artificial intelligence today is playing an increasing role in software security, but as with many domains, it offers both benefits and risks. AI systems may be used to handle many of the day-to-day tasks of security professionals to increase productivity and reduce human error. But they also bring new security threats that could be difficult&#8230;&hellip;","lang":"en","_links":{"self":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/23650","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/users\/64"}],"replies":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/comments?post=23650"}],"version-history":[{"count":6,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/23650\/revisions"}],"predecessor-version":[{"id":23668,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/23650\/revisions\/23668"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/media\/21423"}],"wp:attachment":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/media?parent=23650"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/categories?post=23650"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/tags?post=23650"},{"taxonomy":"collections","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/collections?post=23650"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}