- Semgrep Code
  Find and fix the issues that matter in your code (SAST)
- Semgrep Supply Chain
  Fix vulnerabilities in open source dependencies and block malware
- Semgrep Secrets
  Find and fix hardcoded secrets with semantic analysis
- Semgrep AppSec Platform
  Automate, manage, and enforce security across your organization
- Semgrep Workflows
  Build and deploy security pipelines that combine static analysis with AI at scale
- Product Updates
  Stay up to date on changes to the Semgrep platform, big and small
- Secure Vibe Coding
  Secure your code, no matter who (or what) writes it.
- Open-Source Malware Protection
  Protect against software supply chain attacks
- Static application security testing
  Increase security while accelerating development
- OWASP Top 10
  Prevent the most critical web application security risks
- Secure Guardrails
  Protect Your Code with Secure Guardrails
- Fintech
  Mitigate software supply chain risks
- SaaS & Cloud
  Increase security while accelerating development
- Docs
  Want to read all the docs? Start here
- Blog
  Get the latest news about Semgrep
- ROI Calculator
  See how Semgrep can save you time and money
- Community Slack
  Join the friendly Slack group to ask questions or share feedback
- Events
  Join us at a Semgrep Event!
- Case Studies
  See why users love Semgrep
- Video Library
  View our library of on-demand webinars
- Community Edition
- About
  The Semgrep story & values
- Careers
  Join the team!
- Partners
  Become a Semgrep partner
Pricing
Sign in
Product support
Contact us
Book demo Try for free

Semgrep events webinar

Security Rulez: Should AppSec Engineers Still Learn AppSec?

Date

Time

details

AI tools can now scan code, review pull requests, generate fixes, and even write security tooling. And that raises an uncomfortable question: If machines can do most of the security work, what should future AppSec engineers actually learn?

In this episode of Security Rulez, Dr. Katie Paxton-Fear is joined by Anshuman Bhartiya, Application Security Engineer turned Tech Lead at Lyft to debate what the AppSec role looks like in an agent-driven world.

With just a handful of security engineers supporting a large engineering organization, Anshuman has been experimenting with how automation and agentic systems can help small AppSec teams scale. Instead of manually operating tools, the next generation of security engineers may act more like orchestrators, directing agents that perform scans, reviews, and security analysis.

But if agents are doing the operational work, what should the human security engineer focus on? We’ll peer into our crystal ball and answer:

What is the future of AppSec Engineer as a role? And what will the AppSec engineer of the future specialize in?
How do AppSec engineers become orchestrators rather than tool-users?
Should AppSec engineers still learn how to code in the AI era?
How do leaders mentor junior engineers when AI can already write large amounts of code?
And are security teams debating the wrong questions about AI entirely?

Expect strong opinions, practical lessons from scaling security with a small team, and a candid conversation about how AppSec engineers should adapt to the AI era.

Speakers

Anshuman Bhartiya
Lyft

Staff Security Engineer

Dr. Katie Paxton-Fear
Semgrep

Staff Security Advocate

Your privacy matters to us. By submitting this form, you agree to our Privacy Policy