Description

AI agents don't just write insecure code — they can escape their sandboxes, delete files, and do whatever it takes to complete a task. The security mental model that served us through the cloud era isn't enough anymore. Guy Podjarny, founder of Snyk and CEO of Tessl, made the case at London's AI Security Summit: it's time to stop securing the code and start securing the coder.

Recorded live at the AI Security Summit in London, this episode features conversations with Brian Vermeer (Snyk), Sam Stepanyan (OWASP London), and a full recording of Guy's keynote on why agentic development demands a fundamentally different approach to security.

What we cover:

• Why shadow AI is the new shadow IT — and why CISOs can't secure what they can't see
• Skills as a new supply chain attack surface (malicious, vulnerable, and negligent skills)
• Why more context is not always better — and what the data says about focused skill design
• The OWASP Top Ten for Agentic AI and what it means for teams building today
• Why security must become agentic to keep up with the attackers who already are
• The Context Development Lifecycle (CDLC) and how leading orgs are using it

Links: 🌐 Tessl: https://tessl.io

Subscribe for weekly episodes on AI-native development

What's the biggest security risk your team isn't talking about when it comes to agentic development? Drop it in the comments.

Join the AI Native Dev Community on Discord: https://tessl.co/4ghikjh

Ask us questions: podcast@tessl.io