~ Katie Kemp, Semgrep

What industry trends and tech developments are you looking forward to seeing at this year’s show?

At this year’s show, we’re excited to see how AI continues to reshape cybersecurity, particularly in code security and developer-first security solutions. AI-powered code analysis and automation are helping security teams reduce noise, accelerate remediation, and scale their efforts efficiently. Additionally, trends in software supply chain security and real-time risk detection will be front and center, as companies look for ways to mitigate threats at every stage of the development lifecycle. Semgrep is at the forefront of these trends, delivering automated security that developers actually want to use.

What are some of the biggest challenges facing your industry in 2025?

One of the biggest challenges in 2025 is managing the overwhelming volume of security alerts while ensuring that the most critical vulnerabilities don’t get lost in the noise. Traditional security tools are too noisy, expensive, and slow, making it difficult for teams to keep up. Additionally, as software complexity grows, security solutions must scale efficiently without slowing down developers. The shift-left movement is still evolving, and companies must balance security with developer velocity to remain competitive. Semgrep helps address these challenges by enabling precise, developer-friendly security that catches what other tools miss.

What excites you most about your industry right now?

The convergence of security and development is more exciting than ever. Developers are taking a greater role in securing their own code, and security teams are moving toward more collaborative, developer-friendly approaches. We are seeing a push toward AI and actionable security—cutting through the noise and focusing on real threats instead of endless false positives. The ability to automate and really shift security left while keeping teams productive is a game-changer.

Why is it important to bring industry professionals together at events like this?

Events like this are critical for fostering collaboration, sharing best practices, and pushing the industry forward. Cybersecurity and AppSec are evolving rapidly, and professionals need to stay ahead of emerging threats and innovations. Bringing together developers, security leaders, and technology providers creates opportunities for meaningful discussions on how to improve security without slowing down innovation. At Semgrep, we believe that security should be built into the development process—not bolted on after the fact—and these events help drive that conversation.

What’s the best piece of advice you would give to newcomers joining the industry?

Focus on understanding both security and development. The most effective security professionals are those who can bridge the gap between the two. Learn how developers think, how modern applications are built, and where security risks arise in the software lifecycle.