# Creating Better Security Guidance and Code with LLMs - Mark Curphey - ASW #374

- Page: https://stenobird.com/podcast/application-security-weekly-audio-436682/creating-better-security-guidance-and-code-with-llms-mark-curphey-asw-374
- Text version: https://stenobird.com/podcast/application-security-weekly-audio-436682/creating-better-security-guidance-and-code-with-llms-mark-curphey-asw-374.md
- Podcast: [Application Security Weekly (Audio)](https://stenobird.com/podcast/application-security-weekly-audio-436682)
- Published: 2026-03-17T09:00:00+00:00
- Episode link: https://aswaudio.libsyn.com/creating-better-security-guidance-and-code-with-llms-mark-curphey-asw-374
- Audio file: https://dts.podtrac.com/redirect.mp3/traffic.libsyn.com/secure/aswaudio/ASW_374_1--882ae32d-0b0f-4f68-bf56-79c6fa3e87f2--audio-converted--ecf3ef0c-2bb4-479d-a014-c6dc26a258f9.mp3?dest-id=626765
- JSON: https://stenobird.com/v1/public/podcasts/application-security-weekly-audio-436682/episodes/creating-better-security-guidance-and-code-with-llms-mark-curphey-asw-374
- Duration seconds: 3848

## Resource

What happens when secure coding guidance goes stale? What happens when LLMs write code from scratch? Mark Curphey walks us through his experience updating documentation for writing secure code in Go and recreating one of his own startups.

One of the themes of this conversation is how important documentation is, whether it's intended for humans or for prompts to LLMs. Importantly, LLMs don't innovate on their own -- they rely on the data they're trained on. And that means there should be good authoritative sources for what secure code looks like. It also means that instructions to LLMs need to be clear and precise enough to produce something useful. Watch what happens when Mark prompts his agents to run a live demo for us!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-374