This is an excerpt from last week's Tanzu Catsup episode. In that episode we talked all about how this AI stuff is changing, for the better, how you can handle security problems at the app layer.
It’s Monday morning. Your boss walks up, says “scrap the backlog, we’ve got a list of CVEs longer than that curved screen we bought you last year, the CISO is coming, fix them,” and goes to brunch. A year ago you had 30 days to triage anything under a CVSS seven. Now two lows can chain into a nine, the exploit is already in the wild before policy catches up, and both sides of the fence have AI for finding more.
This is the 3-minute version of @dashaun joining @thecote and David Zendzian on Tanzu Catsup to walk through what that Monday actually looks like at the application developer level. DaShaun on the new patching math and OpenRewrite. David on what AI plus an MCP server does to a pen-test timeline. The metric question at the end.
Check out the full episode. It was fun and packed with good discussion.