DEV Community

Security

Hopefully not just an afterthought!

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
I scanned 8,764 MCP servers for security vulnerabilities — here's what I found

I scanned 8,764 MCP servers for security vulnerabilities — here's what I found

Comments
3 min read
If countries can restrict model access, your AI rollout needs an access register

If countries can restrict model access, your AI rollout needs an access register

Comments
3 min read
How to Prevent XSS Attacks: Output Encoding, CSP & DOMPurify (2026 Cheatsheet)

How to Prevent XSS Attacks: Output Encoding, CSP & DOMPurify (2026 Cheatsheet)

1
Comments
7 min read
100 Days of DevOps and Cloud (AWS), Day 7: Kill the SSH Password, and Resize EC2 the Right Way

100 Days of DevOps and Cloud (AWS), Day 7: Kill the SSH Password, and Resize EC2 the Right Way

1
Comments
4 min read
idmix: A Better Alternative to Sqids for Structured Access Keys

idmix: A Better Alternative to Sqids for Structured Access Keys

1
Comments 1
3 min read
From vexctl scripts to a governed VEX platform: building vex-ui with Next.js, keyless signing, and a Trivy-consumable repo

From vexctl scripts to a governed VEX platform: building vex-ui with Next.js, keyless signing, and a Trivy-consumable repo

Comments
5 min read
AI Security Audit Checklist: 15 Vulnerabilities Claude Found in Production Code

AI Security Audit Checklist: 15 Vulnerabilities Claude Found in Production Code

1
Comments
12 min read
Rootless Edge Deployments: Architecting Daemonless CI/CD Pipelines with Podman and Buildah

Rootless Edge Deployments: Architecting Daemonless CI/CD Pipelines with Podman and Buildah

Comments
13 min read
OWASP MCP Top 10: How we test for each vulnerability in our audit pipeline

OWASP MCP Top 10: How we test for each vulnerability in our audit pipeline

Comments
3 min read
MCP supply chain attacks are coming — here's how to prepare

MCP supply chain attacks are coming — here's how to prepare

Comments
2 min read
30 CVEs filed against MCP servers in 60 days — here's how we're fixing this

30 CVEs filed against MCP servers in 60 days — here's how we're fixing this

Comments
2 min read
Stop Giving AI Agents Standing API Keys

Stop Giving AI Agents Standing API Keys

Comments
3 min read
4 Security Bugs I Found in My Own Auth System (And How I Fixed Them)

4 Security Bugs I Found in My Own Auth System (And How I Fixed Them)

1
Comments
4 min read
Building Role-Based Access Control for Enterprise Systems: Lessons from Banking Software

Building Role-Based Access Control for Enterprise Systems: Lessons from Banking Software

Comments 2
6 min read
Entropy-based password strength scoring (and why 'has a symbol' rules are theater)

Entropy-based password strength scoring (and why 'has a symbol' rules are theater)

Comments
1 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.