Software is moving faster than ever…and so are the threats chasing it. From AI-powered attacks to hidden risks in the software supply chain, security and development teams are being forced to solve problems they've never faced before.
CodeSecCon 2025, taking place August 12-13, is where those problems get pulled into the light. Over two days, the free, virtual conference will unite security leaders, engineers, and DevOps pros to tackle today's most urgent challenges and to explore the breakthroughs that could redefine how we build and defend modern applications.
From Unsolved Problems to Emerging Risks
Even with decades of progress, application security still has unfinished business. Clinton Herget of Snyk will open the conversation on persistent gaps, from inaccurate static testing to the elusive dream of risk-based prioritization, asking whether AppSec is keeping pace with innovation or falling behind.
And while open source fuels innovation, Adam La Morre of Chainguard will expose a lesser-known risk: the mismatch between published packages and their upstream source, a silent supply chain vulnerability that could affect millions of applications.
Rethinking Compliance, Training, and Trust
SBOMs have been hyped, criticized, and regulated. Michael Lieberman of Kusari will move beyond the debate to show how to make them actionable, turning a compliance requirement into a security asset.
Shifting left is one thing, but Boomie Odumade argues that lasting security comes from teaching right. Her session will unpack how relevant, behavior-shaping training can embed security into the developer mindset.
And with non-human identities already outnumbering humans in enterprise systems, Dwayne McDaniel of GitGuardian will explore how to secure this fast-growing, easily exploited attack surface.
AI: The Opportunity and the Threat
AI runs through much of this year's agenda, both as a defensive tool and as a new frontier for attackers.
Anupam Chansarkar of Amazon will show how LLM hallucinations can create exploitable vulnerabilities, and how cross-verification can help.
Nikhil Kassetty will outline a DevSecOps blueprint for embedding AI into applications without exposing new risks.
David Burns of BrowserStack will explore the Model Context Protocol (MCP) and the security challenges of AI agents that can act, browse, and automate.
Building Security for Scale
Other sessions dive into scaling security for modern architectures:
Hitesh Subnani of Amazon on code-to-cloud visibility for tighter feedback loops.
Manas Sharma of Google on ML-driven database defenses that adapt in milliseconds.
Vaishnavi Gudur of Microsoft on AI-powered web security that detects and stops threats in real time.
CodeSecCon is a live conversation about where software security is headed, and how we can get there safely. If you're building, defending, or governing modern applications, this is where you'll find the strategies, tools, and peers to help you keep up.
📅 August 12–13, 2025
🌐 See the full agenda at codeseccon.com