Securing the Digital Frontier: How AI is Reshaping Application Security
The software development landscape is transforming at breakneck speed. Developers now generate code faster than ever, but this acceleration comes with a critical caveat: unprecedented security risks.
Sudhir Patamsetti, Senior Director of Product Management at Harness, understands this digital paradox intimately. In an exclusive interview, he revealed the complex challenges facing modern cybersecurity professionals.
“Security is considered an afterthought, and there’s been traditionally a lot of friction between development and security teams,” Patamsetti explains.
This fundamental disconnect has created a dangerous vulnerability in how organizations approach software development.
The Traditional Security Dilemma
Historically, security teams operated in silos, disconnected from the rapid innovation happening in development environments. Developers focused on speed, while security professionals emphasized protection – creating an inherent tension that left critical gaps in software infrastructure.
Harness emerged as a solution to bridge these critical divides. Their AI-native DevSecOps platform represents a holistic approach to integrating security throughout the software development lifecycle.
Patamsetti describes their mission succinctly: “Help developers ship secure code faster and in a reliable manner.”
The AI Revolution: A Double-Edged Sword
With artificial intelligence generating significant portions of modern code, the security landscape has become exponentially more complex. Industry leaders predict that 50-60% of code will soon be AI-generated.
This technological leap brings both tremendous opportunity and substantial risk.
“AI is trained on open-source code that may contain vulnerabilities,” Patamsetti warns. “While improving productivity, it simultaneously introduces new challenges to the cybersecurity ecosystem.”
The New Security Paradigm: Shift Left and Shield Right
Modern CISOs must adopt a comprehensive approach that extends beyond traditional security models. The concept of “shift left” – integrating security early in development – must now be complemented by “shield right” strategies that protect applications in production.
Harness’s platform addresses this by offering:
- Comprehensive SDLC security scanning
- Supply chain security monitoring
- API discovery and protection
- Runtime application security
- Continuous vulnerability assessment
The Supply Chain Security Challenge
One of the most critical emerging concerns is supply chain security. Recent high-profile breaches like SolarWinds demonstrated how compromised build systems could create catastrophic vulnerabilities.
Harness tackles this through advanced Software Bill of Materials (SBOM) generation and artifact attestation, allowing organizations to quickly identify and mitigate potential risks across their entire software ecosystem.
“With a zero-day vulnerability like Log4j, you can quickly search across artifacts and create governance policies to stop vulnerable pipelines,” Patamsetti explains.
The Human Element: Collaboration Over Conflict
Perhaps the most profound insight from our conversation was the cultural transformation required in cybersecurity. The days of antagonistic relationships between development and security teams are numbered.
“Security and development must go hand in hand,” Patamsetti emphasizes. “It cannot be an afterthought.”
Preparing for the Future
As artificial intelligence continues to reshape technology, cybersecurity professionals must become increasingly adaptive. Attackers are leveraging sophisticated AI tools, which means defenders must do the same.
Patamsetti predicts significant changes: “Defenders need to leverage AI to secure AI applications and agents. A lot will happen in the coming times.”
Call to Action for CISOs
Modern cybersecurity leadership requires:
- Embracing AI-powered security platforms
- Breaking down organizational silos
- Implementing comprehensive SDLC security
- Continuous learning and adaptation
Learn more at https://www.harness.io/
Author’s Note: This exclusive interview was conducted live at the 2025 Black Hat Conference in Las Vegas, offering unprecedented insights into the future of application security. The article provides a strategic overview for CISOs navigating the complex intersection of development, security, and artificial intelligence. By understanding these emerging challenges, organizations can transform potential vulnerabilities into robust, adaptive security frameworks.
About the Author
Pete Green is the CISO / CTO of Anvil Works, a ProCloud SaaS company. With over 25 years of experience in information technology and cybersecurity, Pete is a seasoned and accomplished security practitioner.
Throughout his career, he has held a wide range of technical and leadership roles, including LAN/WLAN Engineer, Threat Analyst, Security Project Manager, Security Architect, Cloud Security Architect, Principal Security Consultant, Director of IT, CTO, CEO, Virtual CISO, and CISO.
Pete has supported clients across numerous industries, including federal, state, and local government, as well as financial services, healthcare, food services, manufacturing, technology, transportation, and hospitality.
He holds a Master of Computer Information Systems in Information Security from Boston University, which is recognized as a National Center of Academic Excellence in Information Assurance / Cyber Defense (CAE IA/CD) by the NSA and DHS. He also holds a Master of Business Administration in Informatics.