[Rebroadcast] What are the Enterprise Security Risks in the Generative AI Era, as Seen in IPA's 'Top 10 Information Security Threats'?

AI Coding Proliferation in Development Sites, but Increased Risk of Vulnerability Contamination and IPA's Warning In recent years, the use of AI coding tools in development sites has rapidly spread, significantly improving development efficiency. On the other hand, there is a risk of unexpected vulnerabilities being mixed into AI-generated code, and IPA (Information-technology Promotion Agency, Japan) has warned of this risk as a new threat in its "Top 10 Information Security Threats 2025." In addition to traditional development methods, a new challenge of verifying AI-generated code has emerged, making vulnerability diagnosis more important than ever.

"Unchanging Measures" and "Measures to Be Reviewed" Even in the Generative AI Era While the utilization of AI-generated code is progressing, many companies lack the literacy to evaluate "how to assess code output by generative AI," and the judgment of the users is being questioned. AI-generated code may contain vulnerabilities even if it appears to operate normally, leading to oversights with traditional review standards. Furthermore, while development speed has dramatically improved, review systems have not kept pace, increasing the burden on reviewers, leading to perfunctory reviews, and an increase in cases where potential security holes are overlooked. Therefore, internal reviews alone have limitations, and vulnerability diagnosis by experts who can verify from an attacker's perspective is indispensable. This seminar will organize the unchanging principles of countermeasures and review systems that need to be re-evaluated, explaining practical judgment criteria such as "which scope should be prioritized for diagnosis" and "how to differentiate between automatic tools and manual diagnosis."

Defense Ministry-Adopted Level Diagnostic Technology, International CTF Japan's Top Experts Fully Support from Diagnosis to Re-diagnosis This seminar will introduce the vulnerability diagnosis service provided by GMO Cybersecurity by Ierae Inc., which utilizes advanced diagnostic technology adopted by the Ministry of Defense and a team of experts with top-class achievements in international security competitions (CTF) in Japan. White hat hackers conduct manual diagnoses using actual attack methods, discovering complex vulnerabilities that cannot be detected by automatic tools. The seminar will explain a practical approach that provides specific countermeasures in a detailed report and consistently supports from diagnosis to re-diagnosis after implementation of countermeasures.

Organizer/Co-organizer GMO Cybersecurity by Ierae Inc.

Cooperation - Open Source Utilization Research Institute Co., Ltd. - Majisemi Co., Ltd.

Majisemi will continue to hold webinars that are "useful for participants" in the future. Past seminar materials and other recruiting seminars are available.