#247: You Built It with AI - Here's Why It Isn’t Secure Yet

This is the first part of a three-part series on Dr. Katie Paxton-Fear’s excellent presentation

#247: You Built It with AI - Here's Why It Isn’t Secure YetLessons from Hack Before You Launch with Dr. Katie Paxton-Fear
͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     ͏     
Forwarded this email? Subscribe here for more
#247: You Built It with AI - Here's Why It Isn’t Secure Yet
Lessons from Hack Before You Launch with Dr. Katie Paxton-Fear
Austin Miller
Jun 5 

READ IN APP

This is the first part of a three-part series on Dr. Katie Paxton-Fear’s excellent presentation, Hack Before You Launch. If you would like to stay up to date with the other articles, check out _secpro’s sister publication, cyber_ai.
Get CYBER_AI
OAuth governance was built for fixed-purpose SaaS apps. AI agents break that model.
When a user authorizes AI to Google Workspace, the grant event is indistinguishable from any other OAuth connection: same log format, same risk signals. But the behavior isn’t the same. A traditional app acts within predictable scope. An AI agent’s behavior is decided at inference time, driven by prompts your security team never sees.
Your SSPM sees the grant. It doesn’t see what happens after.
Material‘s OAuth Remediation Agent monitors real-time activity post-grant, classifies risk by observed API behavior, and auto-revokes tokens the moment something deviates, without blocking legitimate AI adoption.
See how it works
Artificial intelligence has transformed software development at a remarkable pace. Tasks that once required experienced developers, months of planning, and significant financial investment can now be completed by individuals with little or no formal programming background. By describing a desired outcome in natural language, users can generate websites, databases, internal tools, and customer-facing applications in a matter of hours.
This phenomenon, often referred to as “vibe coding”, has lowered the barriers to software creation more dramatically than any previous technological shift. Entrepreneurs can test ideas without hiring development teams. Internal business units can build their own solutions rather than waiting for IT departments. Hobbyists can experiment with concepts that would previously have remained little more than sketches on paper.
Packt SecPro  is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
Upgrade to paid
Yet while AI has made software development more accessible, it has not eliminated the challenges that accompany software deployment. Security remains one of the most significant of those challenges. During the recent “Hack Before You Launch” workshop, cybersecurity researcher Dr. Katie Paxton-Fear explored the growing disconnect between building applications and securing them, demonstrating how AI-generated software can quickly accumulate vulnerabilities despite appearing fully functional. Readers interested in the workshop itself can view the original event description and learning objectives here: Hack Before You Launch event page
The workshop’s central message was not that AI-generated code is inherently dangerous. Rather, it was that functionality and security are fundamentally different objectives: an application can successfully perform every task it was designed to accomplish while still exposing sensitive data, permitting unauthorised access, or creating opportunities for attackers. These categories of weakness align closely with the industry-standard OWASP Top 10 Web Application Security Risks, which remains one of the most widely used frameworks for evaluating application security.
Hear from Anthropic CISO, Jason Clinton, on why AI changed cybersecurity forever
Register for Forward, June 9-11, for a once-in-a-lifetime conversation