Generative AI is rapidly becoming embedded in software delivery pipelines through code copilots, third-party models, and autonomous agents that shape products in real-time. For technology leaders, this introduces a new class of risks that traditional secure SDLC practices don’t fully address: poisoned dependencies, model supply-chain vulnerabilities, opaque agent behaviour, and regulatory scrutiny.

In this session, we’ll examine the implications of both using your own AI models and consuming third-party ones, and what this means for the resilience and reputation of your organisation. Attendees will learn how to evolve their delivery lifecycle to account for AI, where governance must catch up, and how AI itself can play a role in defending the enterprise.

Key points covered:

Strategic Impact - AI changes the threat model of your delivery organisation; leaders must reassess governance and risk appetite.

Supply Chain Reality - Third-party AI models and agents become critical dependencies that require the same scrutiny as open-source packages.

Secure Evolution - The secure SDLC must evolve with AI: treat AI outputs as untrusted, enforce model provenance, and explore AI-enabled defences.