Parsia explores the concept of AI-Native SAST, a combination of static application security testing (SAST) and artificial intelligence (AI). While traditional SAST tools often struggle with certain bug classes, like authorization and business logic issues, AI can potentially enhance detection by understanding code intent. Despite the hype surrounding AI tools, Parsia emphasizes that current AI models still require significant guidance from traditional static analysis methods, which means they are not direct replacements for existing tools. He stresses the need for static analysis enthusiasts to experiment with AI while token costs are low, as there's an increasing amount of AI-generated code that requires robust security measures. The article outlines several challenges facing the adoption of AI in SAST. Cost remains a concern; while tokens are currently subsidized, the sheer volume of human-generated code still outweighs AI-generated content. Parsia highlights issues like "context rot," where AI models can forget earlier prompts, and non-determinism, which leads to inconsistent results in code reviews. He proposes a blueprint for integrating AI into SAST workflows, which includes passing specific data elements, objectives, and contextual information to the AI model. This structured approach aims to improve the effectiveness of static analysis tools in identifying vulnerabilities. Parsia also mentions the importance of using complementary tools and techniques, like Retrieval Augmented Generation (RAG), to enhance AI's capabilities in vulnerability detection. This involves collecting relevant data, such as vulnerability samples and payloads, and integrating it with the main input for analysis. By focusing on both the strengths and limitations of AI in security contexts, Parsia provides a nuanced perspective on how AI can fit into the evolving landscape of software security.