
#275 - How to Secure Vibe Code (with Shahar Man)
From CISO Tradecraft® by G Mark Hardy & Ross Young
March 16, 2026 · 46 min · Episode 275
About this episode
The episode discusses the security implications of AI-driven vibe coding tools with expert Shahar Man.
In this CISO Tradecraft episode, host G Mark Hardy interviews Shahar Man of Backslash Security about the rapidly expanding attack surface created by AI-driven “vibe coding” tools like Claude Code, Cursor, and Copilot. Shahar explains how prompting is shifting software creation, affecting education and hiring, and pushing security “further left” to the prompt, agent, MCP, skills, and rules level. He discuss risks such as loss of source integrity, excessive permissions, prompt injection, data leaks, use of unauthorized tools or accounts, and the spread of coding beyond engineering to teams like marketing and finance. Shahar argues AppSec work will transform toward securing the “sausage factory” and describes Backslash’s approach: enterprise-wide visibility, component vetting, endpoint monitoring via a local proxy, guardrails and blocking, and forwarding alerts to SOC/SIEM, with deployments scaling to thousands of workstations. Looking to get more secure on Vibe Coding? Check out the Ultimate 2026 Vibe Coding Security Buyer's Guide…
People in this episode
Host: G Mark Hardy
Guest: Shahar Man
Topics covered
- AI-driven coding tools
- software security
- prompt engineering
- AppSec transformation
- enterprise security
- vibe coding
Keywords
- vibe coding
- AI security
- software development
- prompt injection
- data leaks
- enterprise visibility
- AppSec
Mentioned in this episode
Organizations: Backslash Security, SOC/SIEM
Products: Claude Code, Cursor, Copilot
More episodes of CISO Tradecraft®
- #287 - Cybersecurity Insights You'll Want to Hear (with Michael Hammer) · June 8, 2026 · 45 min
- #286 - AI-Native Security (with Nishant Doshi & Saro Subbiah) · June 1, 2026 · 46 min
- #285 - Passwordless Authentication (with Nishant Kaushik) · May 25, 2026 · 42 min
- #284 - Lessons Learned from SQL Slammer to AI Agents (with Aaron Turner) · May 18, 2026 · 46 min
- #283 - Leadership Lessons and the Art of the Performance (with Chris Brogan) · May 11, 2026 · 48 min
- #282 - Top 10 Agentic AI Attacks (with Rock Lambros) · May 4, 2026 · 45 min
Explore listener stats, chart rankings, contacts and more on the CISO Tradecraft® podcast page.