Build AI Apps with Azure, Copilot, and Generative AI — Microsoft Certified
Stuck in Tutorial Hell? Learn Backend Dev the Right Way
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the challenges and realities of using AI to automatically fix security vulnerabilities in code through this conference talk that chronicles both spectacular failures and eventual breakthroughs in building an automated remediation system. Learn from real-world experiences where initial attempts with LLMs produced absurd solutions like deleting entire functions to "fix" vulnerabilities, and discover how simple approaches like zero-shot classifiers, tree of thought prompting, and reflexion loops often resulted in impractical 200-line refactors or incorrectly marking serious security issues as false positives. Understand why basic RAG and prompting techniques proved insufficient and examine the evolution toward more sophisticated solutions involving constraint-based action planning, feedback loops from actual developer behavior, and multi-agent workflows that debate solutions before implementing changes. Gain practical insights into the technical and human factors that determine whether developers will trust and adopt AI-assisted code remediation tools, while learning what approaches to avoid and which strategies show promise for creating effective automated security fixes that developers actually want to use.
Syllabus
Why Auto-Fixing Vulnerable Code Needs More Than Good Intentions - Spyros Gasteratos
Taught by
NDC Conferences