TechTarget and Informa Tech’s Digital Business Combine. TechTarget and Informa TechTarget and Informa Tech’s Digital Business Combine. Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise Newsletter Sign-Up Newsletter Sign-Up Cybersecurity Topics Related Topics Application Security Cybersecurity Careers Cloud Security Cyber Risk Cyberattacks & Data Breaches Cybersecurity Analytics Cybersecurity Operations Data Privacy Endpoint Security ICS/OT Security Identity & Access Mgmt Security Insider Threats IoT Mobile Security Perimeter Physical Security Remote Workforce Threat Intelligence Vulnerabilities & Threats Recent in Cybersecurity Topics Sponsored Content The Future of Application Security: AI Bots, APIs & Identity Explained The Future of Application Security: AI Bots, APIs & Identity Explained by Terry Sweeney Mar 31, 2026 Application Security AI-Driven Code Surge Is Forcing a Rethink of AppSec AI-Driven Code Surge Is Forcing a Rethink of AppSec by Terry Sweeney Mar 30, 2026 World Related Topics DR Global Middle East & Africa Asia Pacific Latin America Recent in World See All Application Security Real-Time Banking Trojan Strikes Brazil's Pix Users Real-Time Banking Trojan Strikes Brazil's Pix Users by Alexander Culafi Mar 13, 2026 4 Min Read Threat Intelligence Iran's Cyber-Kinetic War Doctrine Takes Shape Iran's Cyber-Kinetic War Doctrine Takes Shape by Alexander Culafi Mar 6, 2026 4 Min Read The Edge DR Technology Events Related Topics Upcoming Events Podcasts Webinars SEE ALL Resources Related Topics Resource Library Newsletters Podcasts Reports Videos Webinars White Papers Partner Perspectives Dark Reading Resource Library Application Security AI-Driven Code Surge Is Forcing a Rethink of AppSec In a conversation with Dark Reading’s Terry Sweeney, Black Duck CEO Jason Schmitt explains how AI is reshaping application security and why it must evolve to keep pace. Terry Sweeney , Contributing Editor March 30, 2026 Studio by Informa TechTarget AI is changing how software is built at a pace the industry never imagined. According to Jason Schmitt, CEO of Black Duck, this is creating a security challenge that traditional approaches can’t keep up with, as he explains in this Dark Reading News Desk interview. Organizations are now producing “10 to 20 times more software than even a year ago,” making it impossible for legacy tools to scale. At the same time, AI is expanding the attack surface, making it easier for adversaries to exploit vulnerabilities. Schmitt calls this moment the “third wave of application security,” moving beyond manual review and DevOps integration into an AI-driven model built for speed and scale. While AI contributes to the problem, it’s also key to solving it. “It’s apps plus,” Schmitt says, emphasizing how AI enhances existing tools rather than replacing them. When embedded into development workflows, AI can analyze large codebases, uncover business logic flaws, and enable continuous, autonomous security processes with less friction for developers. Related: F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation For Schmitt, the bigger misconception is that AI weakens application security. Instead, he sees it as essential to keeping pace with an expanding attack surface, enabling organizations to move toward continuous, intelligent security. Schmitt is CEO of Black Duck Software, an application security market leader formerly known as the Software Integrity Group and recently carved out of Synopsys, Inc. The company’s portfolio has been recognized as a Leader in the Gartner® Magic Quadrant™ for Application Security Testing for seven consecutive years. About the Author Terry Sweeney Contributing Editor Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report. In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations. See more from Terry Sweeney Want more Dark Reading stories in your Google search results? Add Us Now More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report Cybersecurity Forecast 2026 The ROI of AI in Security ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars Editor's Choice Cybersecurity Operations Why Stryker's Outage Is a Disaster Recovery Wake-Up Call Why Stryker's Outage Is a Disaster Recovery Wake-Up Call by Jai Vijayan Mar 12, 2026 5 Min Read Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks Threat Intelligence Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats Jan 2, 2026 Cyber Risk Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult Jan 12, 2026 | 7 Min Read Endpoint Security CISOs Face a Tighter Insurance Market in 2026 Jan 5, 2026 | 7 Min Read Threat Intelligence 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child Jan 30, 2026 | 8 Min Read Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. Subscribe Webinars Building a Robust SOC in a Post-AI World Thurs, March 19, 2026 at 1pm EST Retail Security: Protecting Customer Data and Payment Systems Thurs, April 2, 2026 at 1pm EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Wed, April 1, 2026 at 1pm EST Securing Remote and Hybrid Work Forecast: Beyond the VPN Tues, March 10, 2026 at 1pm EST AI-Powered Threat Detection: Beyond Traditional Security Models Wed, March 25, 2026 at 1pm EST More Webinars White Papers Autonomous Pentesting at Machine Speed, Without False Positives Fixing Organizations' Identity Security Posture Best practices for incident response planning Industry Report: AI, SOC, and Modernizing Cybersecurity 5 Steps to Stop Ransomware With Zero Trust Explore More White Papers Black Hat Asia | Marina Bay Sands, Singapore Experience cutting-edge cybersecurity insights in this four-day event featuring expert Briefings on the latest research, Arsenal tool demos, a vibrant Business Hall, networking opportunities, and more. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass. GET YOUR PASS GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 Book Your Space Discover More Black Hat Omdia Working With Us About Us Advertise Reprints Join Us Newsletter Sign-Up Follow Us Copyright © 2026 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466. Home | Cookie Policy | Privacy | Terms of Use Your Privacy Choices