Remediation Ballet Is a Pas de Deux of Patch and Performance

Generative AI capabilities continue to make their way into every organization, with increasingly useful ways of helping employees and contractors be more productive. This includes advancing how fully automated vulnerability remediation works, and with the power of generative AI, is able to take into account unique environments and uses in real-time.
While copilots, such as ones introduced by Microsoft, GitHub, Salesforce, and more, provide awesome power to both professional and citizen developers to create and generate context-aware code completion and suggestions that save time, there are also ‘hallucinations’ where wrong information can be spewed and inserted into applications, or flat-out wrong suggestions that, when blindly trusted, can lead organizations astray. As with anything, new technological capabilities must be met with strong processes and informed people to fully harness the power.
However, finding the right balance is critical, and can often be too heavily weighted on one side or the other behind productivity and control. Traditional security controls like urgent patches, encryption, and WAFs are necessary, but can also lag productivity, particularly in the fast-paced world of application development. On the people side, having centralized application security teams often see problems in isolation and are unable to see organizational consequences of applying specific fixes to a specific application (nor should they be expected to).
Further, making environment-level changes can have sweeping effects on individual applications, and each decision to increase security must be weighed against the potential dips in efficiency or productivity. AI-generated mitigations can reduce the cost of remediation, but the risk of applying ill-advised or ill-fitting mitigations will always exist. It begs the question of how much organizations should be expected to trust AI copilots, with many needing to run deep analysis of where in the middle-ground they want to live.
Read more from my latest monthly DarkReading column here.
All ArticlesRelated blog posts

Zenity and Slalom Partner to Accelerate Secure AI Agent Adoption
Zenity, the leader in securing AI agents everywhere, is officially partnering with Slalom, a global business and...

Security for Autonomous Agents and Reducing Shadow AI
In the rapidly evolving field of AI, understanding the distinctions between how agentic workflows are initiated...

How Zenity Helps Enterprises Apply AI TRiSM to AI Agents
The future isn’t human vs machine, it’s human trying to govern machines. As AI agents grow more autonomous (like...
Secure Your Agents
We’d love to chat with you about how your team can secure and govern AI Agents everywhere.
Get a Demo