John Smith

CTO at Veracode.

Articles by: John Smith

A padlock resting on a keyboard.

AI models can’t fully understand security – and they never will

By John Smith published

Despite the hype around AI-assisted coding, research shows LLMs only choose secure code 55% of the time, proving there are fundamental limitations to their use.

Holographic silhouette of a human. Conceptual image of AI (artificial intelligence), VR (virtual reality), Deep Learning and Face recognition systems. Cyberpunk style vector illustration.

Why LLMs are plateauing – and what that means for software security

By John Smith published

Despite rapid generation of functional code, LLMs are introducing critical, compounding security flaws, posing serious risks for developers.

An abstract image of digital security.

Time is money - and a cyber risk problem

By John Smith published

A deep dive into why it’s taking longer for cyber risks to be fixed and what wider implications this has for organizations.

Hands on a laptop with overlaid logos representing network security

How AI-powered remediation can help tackle security debt

By John Smith published

AI-powered remediation helps organizations tackle security debt by automating vulnerability detection and resolution efficiently.

A computer being guarded by cybersecurity.

How responsible are software providers for cybersecurity?

By John Smith published

A look at how responsible software vendors are for security of their products.

Person using a laptop with a padlock symbol

It’s time to integrate container security into the developer environment

By John Smith published

New software, poorly managed secrets and security misconfigurations are among the security risks for containers.

Padlock - software security lessons

The lessons to be learned from the Colonial Pipeline attack

By John Smith published

The lessons to be learned about software security from the Colonial Pipeline attack.

Other versions of this page are available with specific content for the following regions: