Trending

#devSec

Latest posts tagged with #devSec on Bluesky

Latest Top
Trending
#Sinners #Misunderstood Songs #Wildflower Hour #Firefly #Canada's Politics #Spurs #Oscars #Liverpool FC #Ukraine Conflict #U.S. Foreign Policy #Sinners #Misunderstood Songs #Wildflower Hour #Firefly #Canada's Politics #Spurs #Oscars #Liverpool FC #Ukraine Conflict #U.S. Foreign Policy

Posts tagged #devSec

pacanukeha❌
pacanukeha❌
@pacanukeha.bsky.social
3 weeks ago

AI can be much more than slop. Blackhats and ATP *will* be using it even when OpenAI is dead and buried #interesting #DevSec #DevSecOps

1 0 0 0
DevSwarm
DevSwarm
@devswarm.bsky.social
1 month ago
Post image

NEW on the DevSwarm blog: Why DevSwarm runs locally (and why that matters for security).

Read it here: devswarm.ai/blog/why-devswarm-runs-l...

#DevSwarm #HiVECoding #DevSec #LocalFirst

0 0 0 0
Hackread.com
Hackread.com
@hackread.bsky.social
2 months ago
Preview
Lazarus Group Embed New BeaverTail Variant in Developer Tools Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

NEW: Developers, crypto users, and job seekers beware - North Korea’s Lazarus Group is deploying a new #BeaverTail variant to steal credentials and crypto via fake job offers, dev tools and smart contracts.

Read: hackread.com/lazarus-embe...

#CyberSecurity #Lazarus #NorthKorea #DevSec #InfoStealer

2 0 0 0
literat
literat
@literat.dev
3 months ago
Preview
Safe navigation through upgrades in npm package minefield Learn essential security practices to protect your projects from npm supply chain attacks. Discover how to safely manage dependencies, prevent malicious code execution, and strengthen your development...

🔐 npm supply chain attacks hit 180+ packages this year. Here's what works to protect your projects:

Quick wins:
✓ Disable postinstall scripts
✓ Use cooldown period
✓ Immutable lockfiles
✓ 2FA on npm

Full security guide with code examples 👇
literat.dev/blog/2025-12...

#DevSec #JavaScript #npm

2 0 0 0
Hacker News Companion
Hacker News Companion
@hncompanion.com
4 months ago

A critical security practice for developers is sandboxing unknown code. Always use VMs or containers for external executables or interview-related coding tasks to isolate potential threats from your main system. #DevSec 4/6

0 0 1 0
Joel
Joel
@nanoapi.io
5 months ago

Question for any security devs out there: what is the better option?

1. A JWT with a 5-minute timeout, and returning a new JWT on each request

2. A 1-minute JWT with a 5-minute refreshToken that can be used to get a new JWT in a separate request

#cybersecurity #devs #devsec

1 0 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
5 months ago
Preview
CrowdStrike rewrites security architecture with AI agents that code, hunt, and respond autonomously. # CrowdStrike's Agentic Security Platform: What Developers and Security Teams Need to Know *CrowdStrike rewrites security architecture with AI agents that code, hunt, and respond autonomously.* CrowdS...

coderlegion.com/5434/crowdst... #CyberSecurity #AI #AgenticSecurity #DevSec #CrowdStrike #SecurityAutomation #ThreatHunting #CISO

2 0 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
6 months ago
Preview
The Hidden Cost of Outdated API Security: Why CIOs Need to Act Now Security tools that were effective two years ago are now creating business risks. Here's what changed.Your API security strategy is probably costing you more than you realize. Not just in licensing fe...

www.insightsfromanalytics.com/post/the-hid... #fastly #APISecurity #DevSec #CyberSecurity #AppSec #EdgeSecurity

0 0 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
6 months ago
Preview
API attacks that took 15 hours now happen in 15 minutes. Most security teams aren't keeping up. # API Attacks Are Getting Faster. Your Security Stack Isn't Ready. The security landscape has fundamentally changed. What used to take attackers 15 hours to accomplish now happens in 15 minutes. And i...

coderlegion.com/5087/api-att... #fastly #APISecurity #DevSec #CyberSecurity #AppSec #EdgeSecurity

1 0 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
6 months ago
Preview
Your best developer could be a security risk, and AI is making threats harder to detect. # The Hidden Threat in Your Development Team: How AI is Changing Insider Risk Forever At Black Hat 2025, I sat down with [Lynsey Wolf][1], a human behavioral scientist at [DTEX Systems][2], to discuss...

coderlegion.com/4831/your-be... #DTEXSystems #InsiderThreat #CyberSecurity #AI #DevSec #BlackHat2025 #DataProtection #RemoteWork

1 1 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
7 months ago
Preview
Snyk just made security invisible to developers—AI writes secure code without them thinking about it # The End of Security as a Developer Concern: Snyk's 'Secure at Inception' Revolution *How Model Context Protocol integration promises to make security completely invisible to developers writing AI-ge...

coderlegion.com/4563/snyk-ju... #BlackHat #SecureAtInception #MCP #AICoding #VibeCoding #DevSec #Snyk #AI #Security #Cursor

0 1 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
7 months ago
Preview
The Hidden Threat: How AI is Making Insider Risk Everyone's Problem Nation-state actors are getting IT jobs at your company. Here's what developers and security teams need to know.While cybersecurity teams obsess over external threats—building bigger firewalls, deploy...

www.insightsfromanalytics.com/post/the-hid... #DtexSystems #InsiderThreat #CyberSecurity #AI #BlackHat2025 #DevSec #NationState #InfoSec #TechSecurity

1 1 0 0
Ozzy.cloud
Ozzy.cloud
@ozzycloud.bsky.social
7 months ago
Automate security reviews with Claude Code Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.

🔒 Claude Code now has automated security reviews!

Type `/security-review` → finds vulnerabilities before production
GitHub Action auto-reviews PRs
Already caught real bugs in Anthropic's code

Available now for all users.

www.anthropic.com/news/automat...

#ClaudeCode #DevSec #AI

0 1 0 0
Tom Smith
Tom Smith
@ctsmithiii.bsky.social
7 months ago
Preview
99% of Fortune 5000 companies disabled security controls to connect AI to enterprise data. # The API Security Crisis: How AI Broke Every Rule We Knew *99% of Fortune 5000 companies disabled security controls to connect AI to enterprise data.* The cybersecurity world spent decades building s...

coderlegion.com/4427/99-of-f... #Wallarm #d0znpp #AI #CyberSecurity #BlackHat2025 #DevSec #APIAttacks #ThreatIntelligence #InfoSec

0 1 0 0
S H I F K E Y
S H I F K E Y
@shifkey.bsky.social
7 months ago

#NPM compromised again. Change all ya passwords & tokens. The package was ‘is’.

It’s a widely used low level utility.

#javascript #react #devSec

1 0 0 0
Nicolas Brondin-Bernard
Nicolas Brondin-Bernard
@nicolasbrondin.bsky.social
8 months ago
Post image

Les gens parlent de clé publique et clé privée, mais vous n'êtes pas sûr de savoir comment ça fonctionne ? 🗝️

Le chiffrement asymétrique, c'est un peu comme les stylos à encre invisible...

#dev #programmation #chiffrement #devsec

0 0 1 0
OWASP® Foundation
OWASP® Foundation
@owasp.org
10 months ago
Post image

🚨 Mark your calendars! 🚨

Join us for the OWASP Global AppSec US Conference in Washington, D.C., November 3–7, 2025 at the Marriott Marquis!

Register now! owasp.glueup.com/eve...

#OWASP #AppSec #Cybersecurity #ThreatModeling #GlobalAppSecUS #SecureCoding #DevSecOps #DevSec #WashingtonDC #Hacking

0 0 0 0
OWASP® Foundation
OWASP® Foundation
@owasp.org
10 months ago
Post image

Join Liran Tal at OWASP Global AppSec EU 2025 in Barcelona for an eye-opening session on the real security implications of TypeScript!

With live demos and actionable insights, this talk is a must for anyone building with TypeScript.

#OWASP #AppSecEU2025 #DevSecOps #AppSec #DevSec #Barcelona

2 0 0 0
OWASP® Foundation
OWASP® Foundation
@owasp.org
10 months ago
Post image

Join Dag Flachet at OWASP Global AppSec EU 2025 in Barcelona for a powerful session on building better AppSec programs—one small step at a time.

owasp.glueup.com/eve...

#OWASP #AppSecEU2025 #DevSec #AppSec #SecureDevelopment #Barcelona

0 0 0 0
Paul Keen
Paul Keen
@pftg.ruby.social.ap.brid.gy
10 months ago
Preview
Novel Universal Bypass for All Major LLMs HiddenLayer’s latest research uncovers a universal prompt injection bypass impacting GPT-4, Claude, Gemini, and more, exposing major LLM security gaps.

Security folks found a flaw in all major LLMs. This one is big - all AI safety measures can fail.

#AI #Security #DevSec hiddenlayer.com/innovation-hub/novel-uni...

0 0 0 0
DevOps - The Web's Largest Collection of DevOps Content
DevOps - The Web's Largest Collection of DevOps Content
@devops.com.web.brid.gy
1 year ago
Preview
DevSec Relationship Status: It’s Complicated (But Fixable) Remember that plastic Fisher-Price Shape Sorter from when you were a kid, where you had to fit different-shaped colorful blocks into their matching slots? And that oddly satisfying moment when the green triangle block slid out of your fingers and landed perfectly into place? That tiny ASMR-inducing thrill of making all the parts of a […]
0 0 0 0
Amitav Bhattacharjee 🦋
Amitav Bhattacharjee 🦋
@amitav63.bsky.social
1 year ago
Preview
Why Has DevSecOps Failed?  - DevOps.com DevSecOps is failing because we underestimated the complexity of cultural transformation and the importance of human-centered tools.

Why Has DevSecOps Failed?

devops.com/why-has-devs...

#devops #devsec #DevSecOps #SoftwareEngineering #engineering #SoftwareDevelopment #security #infosecurity #technology

2 1 0 0
ESC :wqa
ESC :wqa
@guisso.dev
1 year ago
Devsec Links #01 Links interessantes no tema de desenvolvimento seguro.

Ano passado fiz um trampo legal pra conscientizar os devs sobre segurança na empresa usando uma newsletter interna, ai tô abrindo para todos agora, um pouco tarde, porém deve ser útil para alguém: guisso.dev/posts/devsec...

#appsec #infosec #devsec

3 2 0 0
@decrypt.lol
1 year ago
Preview
LLMs May Enhance Vulnerability Detection Methods Recent research highlights the potential of large language models to enhance vulnerability detection in software development by improving accuracy and integrating with DevSecOps pipelines.

Recent research shows that large language models (LLMs) can significantly boost vulnerability detection in software development, enhancing accuracy and integration within DevSecOps pipelines. This advancement could transform how we approach #cybersecurity. Stay informed on emerging #threats! #DevSec

1 0 0 0
OWASP® Foundation
OWASP® Foundation
@owasp.org
1 year ago
Post image

#cybersec professionals, register now for OWASP Global AppSec EU Conference & Training in #Barcelona

Keynote speaker, Sarah-Jane Madden, will share her wealth of experience gained over 25 years in the technology industry.

owasp.glueup.com/eve...

#OWASPGlobalAppSecEU2025 #AppSec #Infosec #DevSec

9 2 0 0