- 0:00 - – RSAC 2026 Intro & Sonatype Overview
- 0:35 - – What Sonatype Does (Maven, Nexus & Open Source Ecosystem)
- 02:16 - – What is Software Intelligence for AI Coding?
- 02:30 - – How AI Coding Tools Lack Real-Time Security Context
- 04:09 - – Feeding AI Agents Real Vulnerability & Dependency Data
- 05:04 - – The Risk of AI Choosing Deprecated or Vulnerable Code
- 05:16 - – AI Hallucinations vs Security Accuracy Explained
- 06:41 - – Why AI Became More “Cautious” (But Less Effective)
- 07:35 - – Hidden Risk: False Confidence in AI Security Reviews
- 08:40 - – Improving AI Accuracy with Grounded Data (MCP)
- 10:28 - – Using MCP Servers for AI Coding Intelligence
- 11:06 - – AI + Human Collaboration in Secure Development
- 11:44 - – The Future of Developers: AI as an Abstraction Layer
- 12:43 - – Natural Language as the New Programming Interface
- 13:45 - – Can AI Be Trusted in Secure Environments?
- 14:31 - – Why AI Must Follow Traditional Security Best Practices
Brian Fox is CTO and co-founder of Sonatype, with more than 20 years of experience spanning software development, open source, and cybersecurity. A founder of Maven Central and former chair of the Apache Maven project, he also serves in leadership and advisory roles with OpenSSF, FINOS, Singapore’s CTREX Panel, and the Apache Software Foundation.


