A Fork in the Road for Security
Travis McPeak, Security Lead at Cursor and former Netflix security engineer, makes the case that AI removes security's last excuse for staying in an advisory role — and argues the teams that fully own outcomes will be the ones still standing.
We published this recap because Travis names the exact shift AppSecAI was built for: security moving from advisory to ownership. The talk is his — the commentary boxes below are ours, clearly marked. AppSecAI is not affiliated with Travis McPeak or Cursor, and nothing here implies his endorsement.
Whose Job Is Security, Really?
Before getting into it, a quick note on the slides: they were built entirely with AI. Travis described himself as "terrible at art," so he had a model generate the visuals, an MCP server drop them into Figma, and an agent pull supporting data — with the caveat that some of the stats might be off, because he didn't check all of them by hand.
Then a warm-up for the room: whose job is security — everybody's, or the security team's? Most hands went up for "everybody."
How would you feel if your legal team told you that? "Law is everyone's job." Or your sales team, or your marketing team?
We've pushed security off onto everybody, and it hasn't worked. Ask a developer who's slammed to remember that security is their job, and they'll tell you what they actually believe: shipping the feature matters today, and the security risk is theoretical. Competitors are moving. The business needs the release. Security can wait.
A follow-up question — is security the most important thing to your business? — got far fewer hands. Most people in the room already know the honest answer.
How Security Ended Up in an Advisory Role
Security grew out of IT, and in the beginning that made sense. The first real security work — antivirus, email security, patching a Windows box every six months — was IT work, with IT-operated controls and clear ownership. Then engineering happened: CI/CD, application security, complex identity, all the things IT people were never trained on.
That's the moment security backed away from ownership and declared it "everybody's job" instead. Once that framing took hold, there was no real bar to asking people to do things — just point at a compliance framework and move on.
What the advisory model actually looks like: a pile of Jira tickets from an under-tuned scanner nobody can triage for false positives, paired with dashboards that name which teams are "the problem."
It's very easy to ask other people to do hard things you aren't willing to do yourself.
Pre-AI, This Was Already Breaking
The advisory model was already failing before AI entered the picture. A CISO gets hired, and within six months the CEO stops taking their calls, because what security asked the business to do wasn't realistic — like telling a team shipping a critical feature to instead go triage 150 backlogged tickets. In a lot of cases, the cure is worse than the disease.
Part of the problem is that humans are bad at reasoning about long-tail risk. People are more afraid of flying and shark attacks than heart disease, even though heart disease is far more likely to kill them — because it's a slow, distant threat rather than an immediate, vivid one. Security risk usually reads the same way to a busy engineer: serious-sounding, but not going to kill me today.
Meanwhile, the security teams that skipped the advisory model entirely — hiring security engineers who built systems rather than filed tickets — got real leverage instead. Five years ago, Travis estimated the median security engineer salary at Netflix at roughly $500,000 a year in cash.
That kind of investment buys people who build paved roads and deployment patterns that just work, so the engineers using them never have to think about security at all. Those teams fully own the outcome. When security doesn't, it should be unsettling.
If We Keep Doing Advisory, AI Makes It Collapse
Whatever was already broken about the ticket-and-nag model is about to get fifty times worse, because AI collapses both sides of the equation at once: attackers move faster, and the volume of code needing review explodes.
AI penetration testers are already finding vulnerabilities at a high rate, and the time to exploitation is shrinking. The barrier that used to exist around writing a working exploit — the old Metasploit-era skill requirement — is disappearing, because agents can now do that work trivially. Travis cited the following figures on stage, sourced by his own agent and not independently verified for this recap.
At the same time, code volume is exploding. Travis pointed to GitHub's own engineering leadership acknowledging they can't scale review at the rate code is now being shipped. If you assume a roughly constant security-defect rate per line of code, shipping 100x the code means shipping roughly 100x the defects — and while well-coached agents can reduce that rate somewhat, the raw volume of defects still goes up.
The advisory tax, quantified: per Travis, teams see roughly 3.5 hours of average manual review time per false positive or duplicate finding — and that's the best case, where someone is actually reviewing before asking a developer to act.
If the job really is just ticket-pushing and nagging people to close things out, that's a job an agent already does better — it doesn't sleep, doesn't take vacation, and will happily check in at 4 a.m. on Christmas Eve. And security isn't just competing with developer bandwidth anymore; it's competing with the board's current top priority, which for most companies right now is proving they're "doing AI," not funding another security initiative.
Security Becomes a Builder
The alternative is to use the same AI shift to take full ownership of the outcome — something Travis argues security no longer has an excuse to avoid. Not coming from an engineering background used to be a real barrier. It isn't anymore, because you can ask an agent to explain AWS, Terraform, or Python from scratch and get productive fast.
I don't care about the code, I care about the outcome. I'll ask it questions until the thing is done well enough.
Developer security training never scaled — a once-or-twice-a-year lecture on cross-site scripting that developers forget by the time they actually need it. Agents don't have that problem. If every commit has to pass an independent agent security review as a hard requirement, it happens, every time, because the agent doesn't get tired of enforcing it.
That also makes a previously impossible task tractable: reviewing every line of code in context, instead of the 10% a stretched AppSec team can realistically get to today. Travis described shipping Rust code in his first week at Cursor without ever reading Rust himself — validating it entirely through an agent that walked him through edge cases as they came up. He runs the same standing-agent model elsewhere too, including one on a 24-hour cron that scans his entire monorepo for anywhere his privacy controls aren't actually enforced.
The same approach applies to patch triage. Security has historically under-invested in reachability analysis — figuring out whether a CVE tied to a library actually applies to how you use it — because that work fell on developers, not security.
Reachability cuts the pile before an agent ever touches it: once Travis's team did the reachability work themselves, it eliminated the overwhelming majority of what they'd otherwise have told developers to patch. What was left, an agent traced through — following every caller, running it three times over, and flagging any disagreement.
Paved roads — the Netflix-era idea of building the secure path so it's also the easy path — get cheaper to build under this model too: Travis estimated the time to build one drops to roughly 10% of what it used to take, so a team can run several build efforts in parallel instead of one at a time.
The end state Travis is driving toward is machine-speed response: automated applicability triage on every incoming vulnerability, an agent that patches and merges what needs it, and a deployment pipeline — canary rollout, CI tests, verification — built to catch what breaks. He was direct that this will cause incidents. The job becomes keeping the incident rate low enough that the business is still better off, and getting continuously hardened in the background instead of drowning in backlog.
The ownership model Travis describes is what we build
Three of the moves in this section aren't hypothetical for us — they're the product. Here's how each maps to what AppSecAI does on top of the scanner findings you already have (Fortify, Snyk, Checkmarx, SonarQube, and others):
Travis: reachability cuts the pile before an agent ever touches it
AppSecAI runs reachability and applicability triage on your existing findings first, so your team only acts on what genuinely applies — not the raw scanner dump.
Travis: an agent that patches and merges what needs it
Findings become pull requests that compile, pass tests, and explain their reasoning — run by your security team, merged by developers like any other code.
Travis: machine-speed response and paved roads that just work
The loop closes at portfolio scale instead of the 10% a stretched team can reach by hand — the same "security owns the outcome" model, without hiring a $500K engineer for every paved road.
The stats attributed to Travis above are his, presented as cited on stage. The AppSecAI capabilities described here are our own, independently verified — see the proof numbers below.
Security's Fork in the Road
This ends with security becoming a builder rather than a ticket forwarder. If there's a breach, security gets blamed — not the developer who was told it was "everyone's job." Given that, Travis's argument is that ownership should sit where accountability already does.
His prediction: companies increasingly hire for the ownership model and wean off the advisory one. He framed the case for making that shift personally, not just organizationally — it's more impactful for the business, it's more fun than being what he called a "ticket jockey," and it changes the relationship with engineering from adversarial to genuine partnership.
The alternative is staying in the advisory lane while asking the business for ten times the effort with AI in the mix. His closing bet: that path gets harder for companies to sustain, not easier.
Watch on YouTube: https://www.youtube.com/watch?v=Kp_nAQo5nqU
This is an independent editorial recap of a public conference talk by Travis McPeak, shared for commentary and discussion. Quotes and figures are attributed to the speaker as delivered; some on-stage statistics were AI-sourced and not independently verified. AppSecAI is not affiliated with, and this page does not imply endorsement by, Travis McPeak or Cursor.
Own the outcome, not just the ticket.
AppSecAI turns your existing Fortify, Snyk, Checkmarx, or SonarQube findings into pull requests that compile, pass tests, and explain themselves — triaged and remediated automatically, so your team can move from advisory to ownership without hiring a $500K engineer for every paved road.