Code Is Free: Securing Software in the Agentic Future
Paul McMillan, Ryan Lopopolo
[un]prompted 2026 — AI Security Practitioner Conference · Day 1 · 1
OpenAI security engineer Paul McMillan and product engineer Ryan Lopopolo argue that AI-generated code has fundamentally broken the economics of security tooling. Instead of paying vendors and waiting quarters for features, teams can encode security expertise directly into their repositories as prompts, lints, and CI checks — and let Codex do the implementation in minutes.
AI review
OpenAI engineers telling practitioners that code is free and they should just build their own security tooling is an interesting message from the company that sells the tokens required to do so. Underneath the framing, the supply chain dependency audit and CI-integrated threat model validation patterns are genuinely useful. The talk is more manifesto than demo.