Speed is the most common theme among developers and appsec teams working with LLMs and agents, from keeping up with patterns for deploying agents, to dealing with more code faster, to understanding how the latest models impact code quality and security. The OWASP GenAI Project is helping organizations keep up with the speed of those changes and engaging the appsec community to share effective ways to keep systems secure. Scott Clinton shares the latest progress on the project, its roadmap for the year, and how appsec practitioners can shape its future.
Resources:
- https://genai.owasp.org/2026/04/28/finbot-ctf-is-live-a-hands-on-companion-to-the-owasp-genai-security-project/
- https://genai.owasp.org/2025/01/22/announcing-the-owasp-gen-ai-red-teaming-guide/
- https://www.scworld.com/podcast-episode/3695-inside-the-owasp-genai-security-project-steve-wilson-asw-352
This segment is sponsored by The OWASP GenAI Security Project. Visit https://securityweekly.com/owasp to learn more about them!
Scott Clinton is Co-Chair and Co-Founder of the OWASP GenAI Security Project, leading strategy, operations, and growth. A 25+ year industry executive and 20-year open source leader, he has built and scaled open source businesses and industry consortiums across security, DevOps, AI/ML, and data markets. Scott is a published author and research lead whose work includes the Gen AI Security Landscape and AI Security Center of Excellence Guide. Scott also holds multiple board and advisory roles with technology companies, helping guide organizational scale and growth.
If you’re building or securing applications today, generative AI just changed your threat model.
AI-generated code, prompt injection, data leakage, and agentic workflows are introducing risks your current AppSec tools were never designed to handle. And with DevOps moving faster than ever, the gap between shipping and securing is only getting wider.
So how do you actually secure what you’re building?
Join us May 27 for the OWASP Generative AI Virtual Cybersecurity Summit. Hear from the experts behind the OWASP GenAI Security Project on the top risks in LLMs and agentic AI, and how to secure AI systems across the entire SDLC.
Get practical guidance, real-world strategies, and the tools you need to stay ahead of AI-driven threats.
Security Weekly listeners can register for free at https://securityweekly.com/genai using the promo code: CSS26-SW
Mike Shema
- PyPI has completed its second audit
- Copy Fail: 732 Bytes to Root on Every Major Linux Distribution.
- Securing GitHub: Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854)
- We Asked Claude to Audit Sagredo’s qmail. It found a RCE.
- FYI: Unprompted Presentations Playlist











