Over the last 18 months, we’ve witnessed a fundamental shift in the AI landscape. We have gone from asking models for information to giving them the keys to our systems. This move from “Generative” to “Agentic” AI is not just a technical upgrade; it is a massive change in our organisational risk profile. The Singapore […]
I’ve spent a lot of my career looking at the friction between how we want to work and how we actually deliver, and I have noticed a recurring issue that has nothing to do with the quality of the applications we build. We are hiring incredibly talented engineers to write high quality code, but we
Why Manual Oversight is Now Your Greatest Systemic Risk Read More »
I keep hearing the same dismissal from technical leaders and executives when the topic of AI in the development cycle comes up. They point to issues with code quality, the introduction of security vulnerabilities, or logic that simply doesn’t hold up under pressure. They claim that because a Large Language Model currently performs like a
Scaling Governance for AI Read More »
If there is one mantra that has defined the last decade of tech, it is “move fast and break things.” And looking at the Australian ecosystem right now, we are certainly moving fast. But I worry we are about to break the wrong things. There is a dangerous disconnect playing out in our sector. On
The Governance Blindspot: Mistaking Recklessness for Speed Read More »
I know it didn’t always feel like it, but with the benefit of hindsight, Application Security used to be a straightforward game. You wrote your code, you ran your scans, you fixed your warnings, and you went home. But lately there has been a shift. Teams aren’t spending their time fixing the code they wrote
The Code We Didn’t Write: Why the “Integrity Crisis” is the Real Story of OWASP 2025 Read More »