TestGuild Automation Podcast Testing AI Vibe Coding: Stop Vulnerabilities Early with Sarit Tager
Nov 16, 2025
Join Sarit Tager, VP of Product for Application Security at Palo Alto Networks, as she discusses the emerging risks of AI-generated code. With a rich developer background, Sarit dives into how vibe coding is changing workflows and the inevitable vulnerabilities AI can introduce. She emphasizes the importance of guardrails, secure prompts, and prioritizing genuine risks over false positives. Sarit also shares insights on balancing security with delivery speed and the evolving role of AI in protecting applications against new attack surfaces.
AI Snips
Chapters
Transcript
Episode notes
Vibe Coding Reframes Developer Roles
- Vibe coding shifts who counts as a developer by letting prompts define functionality rather than traditional coding.
- That change raises the question of who is responsible for fixing AI-generated vulnerabilities.
Generate Secure Code, Don’t Patch Later
- Prevent vulnerabilities by generating secure code up front with guardrails instead of fixing issues after the fact.
- Embed rules and checks into the AI generation step to produce code secure-by-default.
IDE Agents Are A New Attack Surface
- IDE agents introduce a new attack surface beyond code quality, including exfiltration and destructive commands.
- Security now must consider autonomous agents' capabilities inside developer environments.