Prompt, Commit, Repeat: Security at Scale When 1,000 Devs Go AI-Native

Balachandra Shanabhag

BSidesSF 2026 · Day 1 · AMC Theatre 04

As Artificial Intelligence (AI) is rapidly integrated into software development workflows, Balachandra Shanabhag's talk, "Prompt, Commit, Repeat: Security at Scale When 1,000 Devs Go AI-Native," addresses the escalating security challenges enterprises face when adopting AI coding tools at scale. With developers increasingly relying on AI copilots, agents, and even "vibe coders" that can build and publish applications autonomously, traditional security paradigms are proving insufficient. Shanabhag argues that the sheer variety, rapid evolution, and inherent power of these tools, coupled with their lack of judgment, create a vast and complex attack surface that demands a fundamentally new approach to security.

AI review

Competent survey of AI coding tool risks with a reasonable lifecycle security framework, but it stays in framework-land throughout — no original research, no novel attack chain, no data behind the claims. The right topic for the moment, executed at a practitioner-survey level rather than a researcher level.
