Cyber Daily Report

News

Home News

Why AI Changes the Risk Model for Application Security

  • Alan Shimel--securityboulevard.com
  • published date: 2026-01-07 00:00:00 UTC

None

<div style="padding: 56.25% 0 0 0; position: relative;"><iframe style="position: absolute; top: 0; left: 0; width: 100%; height: 100%;" title="AI Is Moving Faster Than Security" src="https://player.vimeo.com/video/1151609387?badge=0&amp;autopause=0&amp;player_id=0&amp;app_id=58479" frameborder="0"></iframe></div><p><script src="https://player.vimeo.com/api/player.js"></script></p><p data-start="375" data-end="764">As AI becomes embedded in everyday development workflows, the security model for applications is shifting fast — and not always in ways teams are prepared for. James Wickett, CEO of DryRun Security, breaks down why “AI everywhere” is forcing organizations to rethink what application security should look like when developers are shipping faster than ever.</p><p data-start="766" data-end="1170">Wickett explains the gap he saw in the original “shift left” movement: despite years of effort, many security tools still don’t feel tangible or helpful to developers. Too often, the industry tried to retrofit legacy approaches — pattern matching and noisy findings — into modern pipelines, leaving dev teams overwhelmed and security teams stuck prioritizing work that may not map to real exploitability.</p><p data-start="1172" data-end="1664">The conversation then turns to what makes AI applications different. Wickett argues that the moment you put an LLM into production, you change the risk model: you’ve introduced a probabilistic system that can access new data, take actions, and behave in ways deterministic tools weren’t designed to assess. That mismatch shows up in practice as high usage paired with low trust — developers may rely on AI assistants for speed, while still worrying about instability and security regressions.</p><p data-start="1666" data-end="1996" data-is-last-node="" data-is-only-node="">Wickett also shares what teams are asking for now: clearer definitions of AI risk, reference architectures, and best-practice controls that cover issues like prompt injection and excessive agency. The goal isn’t to slow development down — it’s to evolve security alongside AI so teams can keep moving quickly without flying blind.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/01/why-ai-changes-the-risk-model-for-application-security/" data-a2a-title="Why AI Changes the Risk Model for Application Security"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-changes-the-risk-model-for-application-security%2F&amp;linkname=Why%20AI%20Changes%20the%20Risk%20Model%20for%20Application%20Security" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-changes-the-risk-model-for-application-security%2F&amp;linkname=Why%20AI%20Changes%20the%20Risk%20Model%20for%20Application%20Security" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-changes-the-risk-model-for-application-security%2F&amp;linkname=Why%20AI%20Changes%20the%20Risk%20Model%20for%20Application%20Security" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-changes-the-risk-model-for-application-security%2F&amp;linkname=Why%20AI%20Changes%20the%20Risk%20Model%20for%20Application%20Security" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fwhy-ai-changes-the-risk-model-for-application-security%2F&amp;linkname=Why%20AI%20Changes%20the%20Risk%20Model%20for%20Application%20Security" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div>

Most Popular

PayPal email scam: How it worked before the fix

  • None -- securityboulevard.com
  • Published date: 2026-01-08 00:00:00 UTC

Zero-Knowledge Compliance: How Privacy-Preserving Verification Is Transforming Regulatory Technology

  • Devin Partida -- securityboulevard.com
  • Published date: 2026-01-08 00:00:00 UTC

Attackers Don’t Guess and Defenders Shouldn’t Either

  • Jon Baker -- securityboulevard.com
  • Published date: 2026-01-08 00:00:00 UTC

The Silent Scourge: A Call to Action Against Burnout in Cybersecurity

  • Greg Sullivan -- securityboulevard.com
  • Published date: 2026-01-08 00:00:00 UTC

The Myth of Linux Invincibility: Why Automated Patch Management is Key to Securing the Open Source Enterprise

  • Deepak Kumar -- securityboulevard.com
  • Published date: 2026-01-08 00:00:00 UTC