DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
78% of Production AI Systems Score F on Prompt Defense — Data from 1,646 Leaked System Prompts
ppcvote profile

78% of Production AI Systems Score F on Prompt Defense — Data from 1,646 Leaked System Prompts

#ai #security #owasp #opensource
Comments
7 min read
Essential SSL Certificate Validity Facts to Protect Sites
monstermegs profile

Essential SSL Certificate Validity Facts to Protect Sites

#https #security #ssl #tls
Comments
7 min read
Checkov's OIDC Bug: Why CKV_AWS_358 Misses 80% of Misconfigurations
trustfix profile

Checkov's OIDC Bug: Why CKV_AWS_358 Misses 80% of Misconfigurations

#aws #security #terraform #opensource
Comments
3 min read
npm Publish Without Tokens
jurijtokarski profile

npm Publish Without Tokens

#cicd #github #npm #security
Comments
3 min read
Passwordless Login Needs Less Than Passkeys
aristech profile

Passwordless Login Needs Less Than Passkeys

#authentication #security #webdev #opensource
Comments
6 min read
The Compliance Trap: Why 90% of Security Scans are Technically Correct but Strategically Worthless
eldor_zufarov_1966 profile

The Compliance Trap: Why 90% of Security Scans are Technically Correct but Strategically Worthless

#security #devops #python #ai
Comments
7 min read
Why I built attack-chain correlation on top of Semgrep and Joern
hamza_miladin profile

Why I built attack-chain correlation on top of Semgrep and Joern

#security #ai #appsec #opensource
Comments
3 min read
Delete the Vercel Claude Code Plugin. Here's Why I Did.
ww-w-ai profile

Delete the Vercel Claude Code Plugin. Here's Why I Did.

#ai #vibecoding #security #privacy
Comments
5 min read
When Your Security Scanner Becomes the Weapon: Lessons from the Trivy Supply Chain Attack
toniantunovic profile

When Your Security Scanner Becomes the Weapon: Lessons from the Trivy Supply Chain Attack

#security #devops #github #devsecops
1
Comments
2 min read
Securing Package Manager Postinstall Scripts: Mitigating Access to Sensitive User Data During Installation
viklogix profile

Securing Package Manager Postinstall Scripts: Mitigating Access to Sensitive User Data During Installation

#security #sandboxing #packagemanagers #postinstallscripts
Comments
8 min read
I Built a Gate That Blocks Vulnerable AI-Generated Code Before It Merges
vorsken profile

I Built a Gate That Blocks Vulnerable AI-Generated Code Before It Merges

#security #github #ai #devops
Comments 3
3 min read
Beyond the Token: Securing Your Localhost with Biometric Passkeys
instatunnel profile

Beyond the Token: Securing Your Localhost with Biometric Passkeys

#cybersecurity #security #tooling #webdev
Comments
9 min read
I Added Minimum GitHub Security Settings to My OSS Repositories and Created a Setup Guide
shibayu36 profile

I Added Minimum GitHub Security Settings to My OSS Repositories and Created a Setup Guide

#security #github #programming
Comments
4 min read
How to Secure AI Agents in Production: What MCP Gets Right (and What It Doesn’t)

The lethal trifecta of agent risk
hadil profile

How to Secure AI Agents in Production: What MCP Gets Right (and What It Doesn’t)

#ai #machinelearning #security #backend
81
Comments 26
8 min read
Two Problems, Two Tools: Why AI-Assisted Scanning and Configuration Verification Solve Different Things
bala_paranj_059d338e44e7e profile

Two Problems, Two Tools: Why AI-Assisted Scanning and Configuration Verification Solve Different Things

#cloud #security #ai #aws
Comments
10 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.