The Cybersecurity Defenders Podcast·May 15, 2026·31m·Episode #232

How to handle increasing vulnerabilities with AI-assistants? With Shane Warden from ActiveState / Defender Fridays [#232]

Download audio Show notes Apple Podcasts

Show notes

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

What We'll Discuss

In this episode, Shane Warden draws on his experience supporting security for well-known open source projects to explore how AI-assisted vulnerability reporting is changing the threat landscape, and why what's happening in open source today is a preview of what every organization will face.

Key Topics:

Why open source projects are the early warning system for what's coming to enterprise security
How a flood of 95 AI-generated vulnerability reports turned into a six-figure extortion attempt
Why even a three percent legitimate hit rate still creates a real and unignorable workload for maintainers
How teams are using AI to respond to AI-generated reports, and where humans still need to be in the loop

What projects like curl, the Linux kernel, and Zig are doing differently in response to AI contributions
Why understanding your open source dependencies and their versions is more urgent than ever
The reputational risk of AI-generated vulnerability claims, even when those claims are false

About Our Guest

Shane Warden is Principal Architect at ActiveState and has been involved in open source since the late 1990s. Behind the scenes, he supports security for several well-known free software projects and has been navigating the growing wave of AI-assisted vulnerability submissions firsthand.

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience.

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

Sponsored by LimaCharlie

This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable.

Why LimaCharlie?

Eliminate vendor sprawl and tool complexity
Deploy and scale effortlessly on native multi-tenant architecture
Reduce costs with intelligent data routing and free 1-year retention
Build custom solutions with 100+ security capabilities on-demand

Accelerate response with agentic AI that acts directly within predefined workflows

Try the Agentic SecOps Workspace free: https://limacharlie.io

Learn more: https://docs.limacharlie.io

Follow LimaCharlie

LinkedIn: / limacharlieio

X: https://x.com/limacharlieio

Community Discourse: https://community.limacharlie.com/

Host: Maxime Lamothe-Brassard - Founder at LimaCharlie

Guest: Shane Warden - Principal Architect at ActiveState

← Previous

Does the rise of AI mean human-led SOCs are obsolete? With Dr. Adeel Shaikh Muhammad [#322]

Join us for this week's Defender Fridays as Shane Warden, Principal Architect at ActiveState, shares what it's actually like to be on the receiving end of AI-assisted vulnerability reporting and what open source maintainers are already dealing with that the rest of the industry will face soon. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands. What We'll Discuss In this episode, Shane Warden draws on his experience supporting security for well-known open source projects to explore how AI-assisted vulnerability reporting is changing the threat landscape, and why what's happening in open source today is a preview of what every organization will face. Key Topics: Why open source projects are the early warning system for what's coming to enterprise security How a flood of 95 AI-generated vulnerability reports turned into a six-figure extortion attempt Why even a three percent legitimate hit rate still creates a real and unignorable workload for maintainers How teams are using AI to respond to AI-generated reports, and where humans still need to be in the loop What projects like curl, the Linux kernel, and Zig are doing differently in response to AI contributions Why understanding your open source dependencies and their versions is more urgent than ever The reputational risk of AI-generated vulnerability claims, even when those claims are false About Our Guest Shane Warden is Principal Architect at ActiveState and has been involved in open source since the late 1990s. Behind the scenes, he supports security for several well-known free software projects and has been navigating the growing wave of AI-assisted vulnerability submissions firsthand. Register for Live Sessions Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you, our audience. Register here: https://limacharlie.io/defender-fridays Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website! Sponsored by LimaCharlie This episode is brought to you by LimaCharlie, the Agentic SecOps Workspace (ASW), where AI agents operate security infrastructure using the same controls and authority as human analysts, with every action visible, governed, and auditable. Why LimaCharlie? Eliminate vendor sprawl and tool complexity Deploy and scale effortlessly on native multi-tenant architecture Reduce costs with intelligent data routing and free 1-year retention Build custom solutions with 100+ security capabilities on-demand Accelerate response with agentic AI that acts directly within predefined workflows Try the Agentic SecOps Workspace free: https://limacharlie.io Learn more: https://docs.limacharlie.io Follow LimaCharlie Sign up for free: https://limacharlie.io LinkedIn: / limacharlieio X: https://x.com/limacharlieio Community Discourse: https://community.limacharlie.com/ Host: Maxime Lamothe-Brassard - Founder at LimaCharlie Guest: Shane Warden - Principal Architect at ActiveState