OWASP Austin Chapter Monthly Meeting - June 2025 (Online)

30 minutes of meet-and-greet and Chapter information, then the Presentation! (if you want to attend in-person, see Eventbrite.)

### SAST on Rewind: Moving from Pattern-Matching to Contextual Security in the Age of AI

Static analysis was built for yesterday’s code. Its rule-based engines still hunt for familiar strings while AI assistants generate brand-new logic paths at record speed. The result? False positives everywhere, real vulnerabilities left open, and developers who treat security findings like background noise.

In this 40-minute session, James Wickett, CEO & Co-Founder of DryRun Security, hits “rewind” to show where traditional SAST got stuck—and fast-forwards to a context-first approach that finally keeps pace with modern development. Drawing on fresh data from the 2025 SAST Accuracy Report and real cod stories, James will:

1. Contrast patterns vs. context — why deterministic rules miss IDOR, broken auth, and AI-generated edge cases.
2. Unpack probabilistic scanning — how contextual signals cut noise without sacrificing coverage.
3. Contextual Security Analysis in Action — a live authorization flaw that slipped through regex nets.
4. Share a plan for AI readiness for AppSec — tools, projects, resources to plan for AI readiness for your appsec or product security program.

Attendees will leave with open-source resources, clear ROI talking points for leadership, and a practical roadmap to upgrade their AppSec program for the AI era—no VHS tape required.

Speaker:
James Wickett