BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsidesluxembourg-2026//speaker//QZKBNJ
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsidesluxembourg-2026-LW9DDS@pretalx.com
DTSTART;TZID=CET:20260507T133000
DTEND;TZID=CET:20260507T141000
DESCRIPTION:Trust and Traceability: Developer Observability in the AI-Power
 ed SDLC \n\nSafeguarding the enterprise with superior AI risk governance \
 n\nIt has been over three years since AI coding tools first landed\, and i
 n 2026\, more than three-quarters of developers are using them in their wo
 rkflows... with or without the knowledge and blessing of the AppSec team. 
 Rumors of developers being replaced entirely have been exaggerated\, but c
 rucially\, the use of AI in enterprise environments has further uncovered 
 the significant security skills gap that exists among them as they struggl
 e to identify and mitigate vulnerable\, AI-generated code. \n\nSecurity pr
 ograms must evolve rapidly to reduce this emerging threat vector\, but man
 y CISOs lack the necessary data and insights to effectively empower their 
 development cohorts. With AI coding tools touted as both a blessing and a 
 curse for development and software security\, there is no better time to e
 nsure the enterprise security program is not just updated to accommodate t
 he increased attack surface\, but also actively optimized for SDLC efficie
 ncy and cyber defense. \n\nWorld-class security leaders must rise to the o
 ccasion and lead proactive security programs that utilize the right tech s
 tack and strategy to manage developer risk through high observability of t
 heir security skills\, as well as the security efficacy of their AI techno
 logy stack. Developers have immense potential to be central to a defensive
  security strategy\, and they can be empowered with the right knowledge to
  transform their approach to coding and adopt a security-first mindset. Th
 is revolution is vital as the use of AI coding tools grows\, and critical 
 thinking from the developer is a must to deploy them safely in their workf
 low.\n\nBased on AI experiments and key research with CISOs\, the presenta
 tion reveals the critical pathways security leaders can take to execute in
 credible developer-focused training programs that reduce risk\, shift nega
 tive security sentiment in the development cohort\, and safely adapt AI te
 chnology with precision governance\, including:\n\n    Understanding compa
 risons between AI and human coding\, what works\, and what can affect ente
 rprise security maturity.\n    Navigating AI data quality issues and estab
 lishing safe pair programming with unprecedented developer observability.\
 n    Developer upskilling\, including benchmarking and growing key securit
 y skills with knowledge and governance that leads to better risk mitigatio
 n.\n    How to establish a skills baseline among developers\, and grow rel
 evant competency quickly.\n    The pitfalls of AI vulnerability detection\
 , and the skillset your developers must master to overcome hallucination\,
  insecure code generation and misconfiguration.
DTSTAMP:20260502T115919Z
LOCATION:Workshops and Stage - Gernsback (C1.05.02)
SUMMARY:Trust and Traceability : developer observability in the AI powered 
 SDLC - Omar Rachid
URL:https://pretalx.com/bsidesluxembourg-2026/talk/LW9DDS/
END:VEVENT
END:VCALENDAR