DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Validating an EU Proof-of-Age Attestation (eu.europa.ec.av.1) Against the Trusted List

Validating an EU Proof-of-Age Attestation (eu.europa.ec.av.1) Against the Trusted List

Comments
4 min read
Stop Claude Code Push Accidents at the Machine Level: Guarding Against Leaked API Keys and Wrong-Repo Pushes

Stop Claude Code Push Accidents at the Machine Level: Guarding Against Leaked API Keys and Wrong-Repo Pushes

Comments
4 min read
Prompt-level spend limits don't hold: how to actually stop an AI agent from overspending (x402, AP2, and the payment path)

Prompt-level spend limits don't hold: how to actually stop an AI agent from overspending (x402, AP2, and the payment path)

Comments
3 min read
Silent Login Failures After Every Azure Deploy? Check Your Data Protection Keys

Silent Login Failures After Every Azure Deploy? Check Your Data Protection Keys

Comments
2 min read
Scan Any Public GitHub Repo for Security Issues in Seconds (No Account)

Scan Any Public GitHub Repo for Security Issues in Seconds (No Account)

Comments
3 min read
GitHub Agentic Workflows Vulnerable to GitLost Data Leak Exploit

GitHub Agentic Workflows Vulnerable to GitLost Data Leak Exploit

Comments
5 min read
JWT Validation Against an RSA Public Key: The ValidAlgorithms Gotcha

JWT Validation Against an RSA Public Key: The ValidAlgorithms Gotcha

Comments
2 min read
Certified Ethical Hacker (CEH v13, 312-50): What's Actually Tested

Certified Ethical Hacker (CEH v13, 312-50): What's Actually Tested

Comments
10 min read
Starting KQL

Starting KQL

Comments
1 min read
Securing a FastAPI Backend with Bandit: A Real SAST Analysis

Securing a FastAPI Backend with Bandit: A Real SAST Analysis

Comments
6 min read
Applying SAST to Any Application (Without Sonar, Snyk, Semgrep, or Veracode)

Applying SAST to Any Application (Without Sonar, Snyk, Semgrep, or Veracode)

1
Comments
5 min read
Every iPhone leak spoiled a launch. This one published Apple's business model.

Every iPhone leak spoiled a launch. This one published Apple's business model.

Comments
4 min read
Do you test your AI agents for prompt injection? (honest answers only)

Do you test your AI agents for prompt injection? (honest answers only)

Comments
1 min read
The Session ID That Wouldn't Stop Changing

The Session ID That Wouldn't Stop Changing

Comments
6 min read
Writing Evals for an LLM Security Tool: How I Know It Didn't Get Worse

Writing Evals for an LLM Security Tool: How I Know It Didn't Get Worse

1
Comments
3 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.