# Conducting Secure Code Analysis with LLMs - ASW #370

- Page: https://stenobird.com/podcast/application-security-weekly-audio-436682/conducting-secure-code-analysis-with-llms-asw-370
- Text version: https://stenobird.com/podcast/application-security-weekly-audio-436682/conducting-secure-code-analysis-with-llms-asw-370.md
- Podcast: [Application Security Weekly (Audio)](https://stenobird.com/podcast/application-security-weekly-audio-436682)
- Published: 2026-02-17T10:00:00+00:00
- Episode link: https://aswaudio.libsyn.com/conducting-secure-code-analysis-with-llms-asw-370
- Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_370_1--fed0a74d-355c-43b4-8197-7bfededb3ed1--audio-converted--e97a2739-716a-4c20-bd71-ebf4305297a5.mp3?dest-id=626765
- JSON: https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/conducting-secure-code-analysis-with-llms-asw-370
- Duration seconds: 2786

## Resource

A major premise of appsec is figuring out effective ways to answer the question, "What security flaws are in this code?" The nature of the question doesn't really change depending on who or what wrote the code. In other words, LLMs writing code really just means there's more code to secure. So, what about using LLMs to find security flaws? Just how effective and efficient are they?

We talk with Adrian Sanabria and John Kinsella about the latest appsec articles that show a range of results from finding memory corruption bugs in open source software to spending an inordinate amount of manual effort validating persuasive, but ultimately incorrect, security findings from an LLM.

Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw-370