Pixee CTO Arshan on The Daily Tech Talks Podcast

In December 2023, Pixee CTO and co-founder Arshan Dabirsiaghi joined Neil C. Hughes on The Tech Talks Daily podcast. They discussed the rise of AI-generated code, its implications for security, and the shift from traditional coding to AI-driven development.

They covered a good amount of territory during the 27-minute episode. Here are some highlights from their conversation:

What It Takes to Secure Code

As they began exploring the security challenges created by AI-generated code, Arshan outlined the many factors required to get security right today:

“You need a massive organizational commitment to get secure code out the door. The normal code that you would just put out naively, which a lot of small companies do, is very vulnerable. And people don’t realize, unfortunately, that every line of code represents a brick in the castle of your attack perimeter. If you write two bad lines of code, somebody can abuse that to get into your system and pivot from there…”

Jump to this part of the conversation at 4:23

How to Better Integrate Security

After discussing the implications that AI generation has for cybersecurity, Neil asked Arshan how the industry can integrate security more deeply into the development process:

“The only way I can see out of this is to build virtual security engineers. Just like we’re using LLMs to generate a bunch of code, we need to generate AI agents that will handle all the human work of validation, training, fixing, triaging… All of the security that developers have to do, we have to have an AI that’s doing them.”

Jump to this part of the conversation at 8:00

Pixee’s Approach to Code Security

The conversation then turned to what led Arshan and Surag Patel to found Pixee, and why they built Pixeebot:

“The whole point of it is to be that product security engineer. The angel on your shoulder, that as you write code we’re going to chime in with suggestions to your code. We’re not going to send you reports, we’re not going to send you findings, we’re not going to ask you to reverse engineer what the fix should be, we’re actually just going to send you the fix. This is very different from what traditionally has been offered on the market… Security is a fast changing field. We knew that we needed to build this agent to be the missing skillset on every development team to fix the vulnerabilities.”

Jump to this part of the conversation at 11:45

The Full Episode

2726: Pixee - Who Secures Our Code When an Army of Robots is Writing It? is available on YouTube and Neil’s blog.