

Application Security in 2026: The Case for Rigor Over Speed
Two incidents. Same ecosystem. Very different causes.
One: a compromised maintainer account in the Axios project pushed a malicious update into npm, introducing a trojanized dependency that executed on install, before most organizations had visibility.
Another: proprietary code unintentionally shipped as part of a production release tied to Claude Code. No external attacker, just gaps in build controls and release validation.
What stands out is the breakdown of fundamentals:
• Dependency trust
• Release validation
• Known issues left unaddressed
As development accelerates with even deeper reliance on open source and AI-assisted coding, the attack surface expands. But the root cause in many cases remains unchanged: a lack of discipline in secure development and verification.
For CISOs, the challenge isn’t just keeping up with new threats; it’s ensuring the basics scale at the same pace as innovation.
Moderator:
Harsha Reddy — CISO, Veterinary Emergency Group
Panelists:
Sumit Ohri — CISO, GetInsured
William Stroud — Senior Manager - Cyber Security Architecture & Engineering, PSEG
Pravin Kothari — Founder & CEO, PointGuard AI
We’re bringing together a panel of experts to unpack this: what secure development really looks like in 2026, and what CISOs need to own.