The new frontlines of code security: Defending agentic workflows
Wednesday, April 29 at 5pm CEST / 10am CDT
The shift to agentic workflows means development speed is no longer limited by human typing. However, as AI agents accelerate velocity, they also increase the risk of hardcoded secrets and security vulnerabilities entering the codebase at machine speed. Traditional security checks in the PR or CI/CD pipeline happen too late to catch these risks before they leave the developer's machine.
Go beyond the AI hype and learn how to protect your agentic workflows by establishing a proactive verify model. Join us to discover how to implement practical, high-speed verification hooks that stop silent leaks and supply chain attacks at the source.
Webinar objectives
- Analyze the agentic risk landscape: Examine how AI agents accelerate the injection of hardcoded secrets, slopsquatting, and security vulnerabilities at machine speed.
- Operationalize real-time verification: Demonstrate how to implement SonarQube CLI hooks to identify and block security risks in under 100 ms, before prompts leave the developer's machine.
- Defend the software supply chain: Learn to identify and resolve malicious dependency risks—such as those seen in recent Axios and PyPI attacks—by shifting from reactive scanning to proactive, source-based analysis.
Learning outcomes
- Shift security upstream: Understand how to move verification from the CI/CD pipeline directly into agentic workflows to prevent silent leaks.
- Mitigate AI-driven technical debt: Gain practical strategies to ensure agent-generated code meets production-ready standards for reliability and security.
- Defend the supply chain: Learn to identify and resolve malicious dependency risks in source code before they can be embedded into your shipped artifacts.
Meet our speakers
Satinder Khasriya
Satinder Khasriya is a product marketing manager focused on application security and developer-first solutions. At Sonar, he helps organizations strengthen code quality and security by embedding verification into modern development workflows, including AI-driven and cloud-native environments. He brings deep experience in translating complex security challenges into practical, developer-friendly outcomes.
Killian Carlsen-Phelan
Killian Carlsen-Phelan is a Developer Content Engineer at Sonar, where he builds hands-on technical content and demos showing developers how to integrate code quality and security analysis into real workflows, from IDE to CI/CD pipeline. He spent five years as a full-stack engineer at Northwestern Mutual, working across complex distributed systems, CI/CD pipelines, and AI engineering and agentic development. He brings a practitioner's perspective to the challenge of securing what AI agents actually produce.

