Beck Lin

Digicentre / Software Engineer, Technical Development Department II

Currently serving as a Software Engineer at Digicentre, responsible for secure software development, providing SAST issue fix recommendations, and assisting clients with DevSecOps planning.

SPEECH
4/17 (Thu.) 10:15 - 10:45 7F 701F Secure Software & DevSecOps Forum
Transform Your SAST Issue Fix Experience into an AI Security Advisor That Understands Your System

When fixing SAST issues, developers need to know how to apply generic security recommendations to fix issues in their system context. This talk demonstrates how to combine SAST issue fix experience with RAG technology to create an intelligent security advisor that understands your system context. We'll explore building a knowledge base of fix patterns. Through practical examples, we'll show how this system operates in CI pipelines to help teams efficiently resolve SAST findings, and share methods for capturing fix experience to build an intelligent advisor that provides precise, context-aware security recommendations.