Coffee, Chaos and ProdSec Ep 34 - SPVS 1.5 Is Live: AI Pipeline Security Controls ft. Farshad Abasi
ποΈ Coffee, Chaos and ProdSec, Ep 34 AI is already in your pipeline. Your agents are making decisions. And most teams have no controls governing any of it.
This week Cameron, Kurt, and returning guest Farshad Abasi crack open SPVS 1.5, the OWASP Secure Pipeline Verification Standard community feedback release that ships 132 AI and agentic pipeline security controls across 31 subcategories. From NHI governance for AI agents to AIBOM requirements, deterministic tool authorization, prompt injection classification, and adversarial testing as a hard release gate, this episode covers what the standard actually says and why building it made the gap impossible to ignore.
If you work in Application Security, DevSecOps, or Product Security and you have ever approved an AI tool for your pipeline without a governance framework to back it up, this one is going to hit.
β New episodes every Wednesday.
Coffee, Chaos and ProdSec -> strong coffee, stronger opinions.