Subscribe Share Full episode and show notes Application security , AI/ML , Generative AI Keeping Up With the OWASP GenAI Project – Scott Clinton – ASW #381 Speed is the most common theme among developers and appsec teams working with LLMs and agents, from trying to keep up with patterns for deploying agents to dealing with more code faster to how the latest models impact code quality and security. The OWASP GenAI Project is helping organizations keep up with the speed of those changes and engaging the appsec community for sharing effective ways to keep systems secure. Scott Clinton shares the latest progress on the the project, its roadmap for the year, and how appsec practitioners can shape its future. Resources: https://genai.owasp.org/2026/04/28/finbot-ctf-is-live-a-hands-on-companion-to-the-owasp-genai-security-project/ https://genai.owasp... May 5, 2026 This episode is sponsored by Full Segment Notes Speed is the most common theme among developers and appsec teams working with LLMs and agents, from trying to keep up with patterns for deploying agents to dealing with more code faster to how the latest models impact code quality and security. The OWASP GenAI Project is helping organizations keep up with the speed of those changes and engaging the appsec community for sharing effective ways to keep systems secure. Scott Clinton shares the latest progress on the the project, its roadmap for the year, and how appsec practitioners can shape its future. Resources: https://genai.owasp.org/2026/04/28/finbot-ctf-is-live-a-hands-on-companion-to-the-owasp-genai-security-project/ https://genai.owasp.org/2025/01/22/announcing-the-owasp-gen-ai-red-teaming-guide/ https://www.scworld.com/podcast-episode/3695-inside-the-owasp-genai-security-project-steve-wilson-asw-352 This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more about them! Guest Scott Clinton Co-chair, Co-founder at OWASP GenAI Security Project Scott Clinton is Co-Chair and Co-Founder of the OWASP GenAI Security Project, leading strategy, operations, and growth. A 25+ year industry executive and 20-year open source leader, he has built and scaled open source businesses and industry consortiums across security, DevOps, AI/ML, and data markets. Scott is a published author and research lead, including the Gen AI Security Landscape and AI Security Center of Excellence Guide. Scott also holds multiple board and advisory roles with technology companies helping guide organization scale and growth. Hosts Mike Shema https://dangerouserrors.com John Kinsella @jlk_ Tyler Shields https://www.90degree.vc/ Announcements If you’re building or securing applications today, generative AI just changed your threat model. AI-generated code, prompt injection, data leakage, and agentic workflows are introducing risks your current AppSec tools were never designed to handle. And with DevOps moving faster than ever, the gap between shipping and securing is only getting wider. So how do you actually secure what you’re building? Join us May 27 for the OWASP Generative AI Virtual Cybersecurity Summit. Hear from the experts behind the OWASP GenAI Security Project on the top risks in LLMs and agentic AI, and how to secure AI systems across the entire SDLC. Get practical guidance, real-world strategies, and the tools you need to stay ahead of AI-driven threats. Security Weekly listeners can register for free at https://securityweekly.com/genai using the promo code: CSS26-SW List of Articles Mike Shema PyPI has completed its second audit Copy Fail: 732 Bytes to Root on Every Major Linux Distribution. Securing GitHub: Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) We Asked Claude to Audit Sagredo’s qmail. It found a RCE. FYI: Unprompted Presentations Playlist Show More Stay in the Know, No Smoke and Mirrors – Join Our Newsletter Get expert insights and technical breakdowns straight to your inbox. Join Now Related Segments Application security Top 10 Web Hacking Techniques of 2025 and a Hint for 2026 – James Kettle – ASW #380 Application security The Human Aspect of Red Teams – Brian Fox, Tom Tovar, T. Gwyddon ‘Data’ Owen – ASW #379 Vulnerability Management Zuckbot, Rockstar, Klaude, Browsers Galore, Microsoft 365, ATC, Kieran Human and more – Kieran Human – SWN #572 Related Content Phishing Telegram mini apps used in large-scale crypto scams and malware distribution Application security CISO Stories: AI Security (Blackhat Preview) – Arctic Wolf Application security ‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017 You can skip this ad in 5 seconds