Cutting Through AppSec Noise in the Age of GenAI
None
<div style="padding: 56.25% 0 0 0; position: relative;"><iframe style="position: absolute; top: 0; left: 0; width: 100%; height: 100%;" title="SBOM: The Second Act in a Five-Act Play with Neatsun Ziv" src="https://player.vimeo.com/video/1111692439?badge=0&autopause=0&player_id=0&app_id=58479" frameborder="0"></iframe></div><p><script src="https://player.vimeo.com/api/player.js" type="9f1fbaddadc93734e80ef28e-text/javascript"></script></p><p data-start="526" data-end="795">The way organizations think about application security is shifting—fast. OX Security Co-Founder and CEO Neatsun Ziv talks about why the old playbook of “scan, list, and hand over to developers” has run its course.</p><p data-start="797" data-end="1304">Ziv explains how the flood of vulnerabilities—now averaging close to 100 new disclosures daily—collides with today’s resource-strapped security teams. Add to that the surge of GenAI-generated code, much of it riddled with flaws, and the burden on developers and AppSec engineers is heavier than ever. A static list of issues is no longer enough; developers need evidence, prioritization, and guidance they can act on without stalling innovation.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p data-start="1306" data-end="1778">He highlights a sobering truth: Not all vulnerabilities matter equally. Research shows that a relatively small subset of flaws drives the majority of breaches. The challenge is separating the noise from the real risks and then proving those decisions to auditors and boards. Ziv outlines how OX Security is trying to reframe the conversation—helping teams zero in on the critical 5% of issues and even providing suggested fixes through agentic remediation.</p><p data-start="1780" data-end="2099">It’s a model built around trust and practicality: Give developers context and confidence, give auditors evidence, and give security leaders a way to stay ahead of an accelerating threat curve. With AI changing how code is written, reviewed, and exploited, the industry needs tools and approaches that match that pace.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="9f1fbaddadc93734e80ef28e-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="9f1fbaddadc93734e80ef28e-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p data-start="2101" data-end="2299">For practitioners, the takeaway is clear: AppSec can’t just be about detection. It has to be about focus, collaboration, and enabling secure software delivery—even as the ground shifts beneath us.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/08/cutting-through-appsec-noise-in-the-age-of-genai/" data-a2a-title="Cutting Through AppSec Noise in the Age of GenAI"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fcutting-through-appsec-noise-in-the-age-of-genai%2F&linkname=Cutting%20Through%20AppSec%20Noise%20in%20the%20Age%20of%20GenAI" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fcutting-through-appsec-noise-in-the-age-of-genai%2F&linkname=Cutting%20Through%20AppSec%20Noise%20in%20the%20Age%20of%20GenAI" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fcutting-through-appsec-noise-in-the-age-of-genai%2F&linkname=Cutting%20Through%20AppSec%20Noise%20in%20the%20Age%20of%20GenAI" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fcutting-through-appsec-noise-in-the-age-of-genai%2F&linkname=Cutting%20Through%20AppSec%20Noise%20in%20the%20Age%20of%20GenAI" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F08%2Fcutting-through-appsec-noise-in-the-age-of-genai%2F&linkname=Cutting%20Through%20AppSec%20Noise%20in%20the%20Age%20of%20GenAI" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div>