This session examines how generative AI introduces new risks to application security in financial services, with a focus on package hallucinations and slopsquatting vulnerabilities. It explores practical governance approaches, risk assessment methods, mitigation techniques, and real-world implementation challenges across banking, insurance, and investment organizations. Participants will see how these risks affect DevSecOps pipelines and receive actionable strategies to maintain secure, compliant development practices while continuing to leverage AI capabilities.