She called vibe coding a beautiful, endless cocktail napkin on which one can perpetually sketch ideas. But dealing with AI-generated code that one hopes to use in production can be "worse than babysitting," she said, as these AI models can mess up work in ways that are hard to predict. She had turned to AI coding in a need for speed with her startup, as is the promise of AI tools.
"Attackers are no longer simply experimenting with open source. The numbers are telling us that threat actors have identified data as the most profitable target, and developers as the easiest way in."
"Everyone talks about shifting left, but few are seeing the security gains they expected. Most organizations have tools in place, but they still struggle with noise, process friction, and developer resistance."