Built-In, Not Bolt-On: Using Agentic IDE to Achieve Secure by Design

Tuesday, October 28, 2025

2:55 PM - 3:55 PM CT

Location: Volunteer C

CPE Credits 1

Co-Speaker(s)

Swati Babbar, CISSP

Security Engineer
Amazon.com Services LLC, United States
Daphne Gerstner, CISSP

Security Engineer
Amazon.com, United States

Traditional security tooling struggles to detect business logic flaws, creating critical gaps in application security. This session demonstrates how Secure by Design principles, enhanced by an Agentic IDE, can revolutionize the Software Development Lifecycle.

We'll explore why conventional automated scanners fall short in identifying complex business risks and showcase how an Agentic IDE can analyze design documentation to generate comprehensive threat models. Through practical demonstrations, we'll illustrate how Agentic Solutions can process both high-level architecture and low-level design specifications to identify potential business logic vulnerabilities that typically evade traditional security tools.

Join us to learn how to integrate Agentic Solutions into your design phase, starting with a proof-of-concept sprint using AI on your existing applications. Compare these AI-driven insights with traditional security findings and revolutionize your secure design practices.

Learning Objectives:

Implement Agentic-driven security analysis during the design phase of their SDLC, specifically using an Agentic IDE to identify business logic vulnerabilities early in the SDLC.
Demonstrate how to translate high-level architectural documentation into actionable threat models using AI-powered tools, moving beyond traditional automated security scanning limitations.
Execute a proof-of-concept security assessment that combines both traditional security tools and LLM-based analysis to create a more comprehensive vulnerability detection strategy.