From AppSec Training to AI Standards: Teaching AI to Code Securely | A Brand Story with Jim Manic...

Video Link: https://www.youtube.com/watch?v=6PJctftvVow





Jim Manico’s passion for secure coding has always been rooted in deeply technical practices—methods that matter most to developers writing code day in and day out. At the OWASP Global AppSec EU 2025 Conference in Barcelona, Manico brings that same precision and care to a broader conversation around the intersection of application security and artificial intelligence.


While many are still just beginning to assess how AI impacts application development, Manico has been preparing for this moment for years. Two and a half years ago, he saw a shift—traditional low-level technical bugs were being mitigated effectively by mature organizations. The new challenge? Business logic flaws and access control issues that scanners can’t easily detect. This change signaled a new direction, prompting him to dive into AI security long before it became fashionable.


Now, Manico is delivering AI-flavored AppSec training, helping developers understand the risks of insecure code generated by large language models. His research shows that even the best AI coding tools—from Claude to Copilot—still generate insecure code out of the box. That’s where his work becomes transformative: by developing detailed, framework-specific prompts grounded in decades of secure coding knowledge, he has trained these tools to write safer code, using React, Django, Vue, and more.


Beyond teaching, he’s building. With 200 volunteers, he’s leading the creation of the Artificial Intelligence Security Verification Standard (AISVS), a new OWASP project inspired by the well-known Application Security Verification Standard (ASVS). Generated with both AI and human collaboration, the AISVS already has a v0.1 release and aims for a major update by summer.


For Manico, this isn’t just a technical evolution—it’s a personal renaissance. His deep catalog of secure coding techniques, once used primarily for human education, is now fueling a new generation of AI-assisted development. And he’s just getting started.


This episode isn’t just about where AppSec is going. It’s a call to developers and security professionals to rethink how we teach, how we build, and how we can use AI to enhance—not endanger—the software we create.


Learn more about Manicode: https://itspm.ag/manicode-security-7q8i


Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story


Guest: Jim Manico, Founder and Secure Coding Educator at Manicode Security | On LinkedIn: https://www.linkedin.com/in/jmanico/


Resources


Jim's OWASP Session: https://owasp2025globalappseceu.sched.com/event/1wfpM/leveraging-ai-for-secure-react-development-with-effective-prompt-engineering


Download the Course Catalog: https://itspm.ag/manicode-x684


Learn more and catch more stories from Manicode Security: https://www.itspmagazine.com/directory/manicode-security


Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story


Keywords: jim manico, sean martin, appsec, ai, owasp, securecoding, developers, aisvs, training, react, brand story, brand marketing, marketing podcast, brand story podcast



