Day 9/10: AI Code Isn’t Always Safe Code
• Review everything AI writes
• Set rules for what gets committed
• Rotate secrets often
AI is fast — but you’re still responsible.
Follow @nickbalancom for smarter, safer dev.
Tried to swap in a chainguard(.dev) image for one of my Python projects. They say they are "drop in". Well, after spending an hour trying to troubleshoot and debug all the problems that I experienced, I finally gave up.
I'm rather disappointed because I was really looking forward to using their images.
Anyone else have this experience or something better?
Join Jeroen Beckers at OWASP Global AppSec EU 2025 in Barcelona on May 29!
🔗 Register: https://owasp.glueup.com/event/123983/register/
From secure coding practices to the impact on SAST, DAST, and manual testing, this talk is a must for anyone securing modern mobile apps across platforms.
Learn how to embed security into every phase of mobile app development—see you there!
#OWASP #AppSecEU2025 #MobileSecurity #Flutter #ReactNative #CrossPlatform #SecureDev #Barcelona #OWASPMobile
#EclipseTemurin security case study is now available, showcasing the work done by @eclipseadoptium regarding #SecureDev with @EclipseFdn.
https://outreach.eclipse.foundation/adoptium-temurin-supply-chain-security
The security supply chain is a pillar for both Eclipse and Adoptium.
My colleague Scott Fryer gave a talk at this year's @EclipseFdn's #EclipseCon on #Adoptium's secure development practices, what we've done and what we're going to do going forward. It covers #SLSA, #SSDF, #SBoM, binary #reproducibleBuilds and keeping a heterogeneous #openSource project's infrastructure secure with #Wazuh.
If some of those buzzwords have piqued your interest (or you want to know what they are), check out his video: https://www.youtube.com/watch?v=mpEKUnX84UQ
#secureDev #CycloneDX