Software is moving faster than ever…and so are the threats chasing it. From AI-powered attacks to hidden risks within the software supply chain, security and development teams are being forced to solve problems they’ve never faced before.
CodeSecCon 2025, taking place today and tomorrow (August 12-13), is where these problems get pulled into the light. Over two days, the free, virtual conference will unite security leaders, engineers, and DevOps professionals to tackle today’s most urgent challenges and to explore the breakthroughs that could redefine how we build and protect modern applications.
From Unsolved Problems to Emerging Risks
Even with decades of progress, application security still has unfinished business. Clinton Herget of Snyk will open the conversation on persistent gaps — from inaccurate static testing to the elusive dream of risk-based prioritization — asking whether AppSec is keeping pace with innovation or falling behind.
And while open source fuels innovation, Adam La Morre of Chainguard will expose a lesser-known risk: the mismatch between published packages and their upstream source, a silent supply chain vulnerability that could affect millions of applications.
Rethinking Compliance, Training, and Trust
SBOMs have been hyped, criticized, and regulated. Michael Lieberman of Kusari will move beyond the debate to show how to make them actionable, turning a compliance requirement into a security asset.
Shifting left is one thing, but Boomie Odumade argues that lasting security comes from teaching right. Her session will unpack how relevant, behavior-shaping training can embed security into the developer mindset.
And with non-human identities already outnumbering humans in enterprise systems, Dwayne McDaniel of GitGuardian will explore how to secure this fast-growing, easily exploited attack surface.
AI: The Opportunity and the Threat
AI runs through much of this year’s agenda — both as a defensive tool and a new frontier for attackers.
Anupam Chansarkar of Amazon will show how LLM hallucinations can create exploitable vulnerabilities, and how cross-verification can help.
Nikhil Kassetty will outline a DevSecOps blueprint for embedding AI into applications without exposing new risks.
David Burns of BrowserStack will explore the Model Context Protocol (MCP) and the security challenges of AI agents that can act, browse, and automate.
Building Security for Scale
Other sessions dive into scaling security for modern architectures:
Hitesh Subnani of Amazon on code-to-cloud visibility for tighter suggestions loops.
Manas Sharma of Google on ML-driven database defenses that adapt in milliseconds.
Vaishnavi Gudur of Microsoft on AI-powered web security that detects and stops threats in real time.
CodeSecCon is a live conversation about where software security is headed, and how we can get there safely. If you’re building, defending, or governing modern applications, this is where you’ll find the strategies, tools, and peers to help you keep up.
📅 August 12–13, 2025
🌐 See the full agenda at codeseccon.com