AI makes SAST Great Again!

January 24, 2025 |

Talk at the oop Conference for Software Architecture

Do traditional tools like SAST or SCA have a future thanks to AI?

About the talk

Although modern development tools reduce the risk of unintentional security vulnerabilities, security remains a highly relevant topic in companies. The use of powerful AI systems offers new ways to optimize and automate security processes.

In this session, we will show how traditional scanning tools (SAST, SCA) can be combined with the capabilities of Large Language Models (LLM) to:

Reduce false positives and negative positives,
Focus on critical security findings,
Improve the analysis and assessment of findings,
Effectively deploy a greater number of specialized tools.

We compare thousands of findings analyzed manually and by LLM and highlight the differences between free and proprietary models.

Target audience: Developers, architects, security managers

Prerequisites: A basic understanding of common code vulnerabilities is required.

Difficulty level: Advanced

Time and Location: Munich, Thursday, February 6, 2025 – 09:00 – 10:30

The Author

Mirko Richter

Mirko Richter is a Software Security Consultant, Source Code Analysis Specialist and Training Manager for basic training courses up to advanced coding and Secure SDLC training. He has been involved in software development, architecture and security since the mid-90s. He is a speaker at conferences and author of several technical articles.

mgm technology partners

mgm consulting partners

mgm integration partners

mgm security partners

QFS Quality First Software

Application Security Testing

Cyber Security Testing

Infrastructure Security Testing

Governance & Compliance

Security Culture & Human Risk

Application Security Basics

Application Security in Practice

Penetration Testing

AI makes SAST Great Again!

Do traditional tools like SAST or SCA have a future thanks to AI?

About the talk

The Author