Software program is transferring sooner than ever…and so are the threats chasing it. From AI-powered assaults to hidden dangers within the software program provide chain, safety and improvement groups are being compelled to unravel issues they’ve by no means confronted earlier than.
CodeSecCon 2025 came about August 12-13 and united safety leaders, engineers, and DevOps professionals to sort out immediately’s most pressing challenges and to discover the breakthroughs that would redefine how we construct and defend trendy purposes. All periods at the moment are out there on demand!
From Unsolved Issues to Rising Dangers
Even with many years of progress, utility safety nonetheless has unfinished enterprise. Clinton Herget of Snyk will open the dialog on persistent gaps — from inaccurate static testing to the elusive dream of risk-based prioritization — asking whether or not AppSec is retaining tempo with innovation or falling behind.
And whereas open supply fuels innovation, Adam La Morre of Chainguard will expose a lesser-known threat: the mismatch between printed packages and their upstream supply, a silent provide chain vulnerability that would have an effect on thousands and thousands of purposes.
Rethinking Compliance, Coaching, and Belief
SBOMs have been hyped, criticized, and controlled. Michael Lieberman of Kusari will transfer past the controversy to point out learn how to make them actionable, turning a compliance requirement right into a safety asset.
Shifting left is one factor, however Boomie Odumade argues that lasting safety comes from instructing proper. Her session will unpack how related, behavior-shaping coaching can embed safety into the developer mindset.
And with non-human identities already outnumbering people in enterprise techniques, Dwayne McDaniel of GitGuardian will discover learn how to safe this fast-growing, simply exploited assault floor.
AI: The Alternative and the Menace
AI runs by means of a lot of this yr’s agenda — each as a defensive instrument and a brand new frontier for attackers.Commercial. Scroll to proceed studying.
Anupam Chansarkar of Amazon will present how LLM hallucinations can create exploitable vulnerabilities, and the way cross-verification may help.
Nikhil Kassetty will define a DevSecOps blueprint for embedding AI into purposes with out exposing new dangers.
David Burns of BrowserStack will discover the Mannequin Context Protocol (MCP) and the safety challenges of AI brokers that may act, browse, and automate.
Constructing Safety for Scale
Different periods dive into scaling safety for contemporary architectures:
Hitesh Subnani of Amazon on code-to-cloud visibility for tighter suggestions loops.
Manas Sharma of Google on ML-driven database defenses that adapt in milliseconds.
Vaishnavi Gudur of Microsoft on AI-powered internet safety that detects and stops threats in actual time.
CodeSecCon is a dwell dialog about the place software program safety is headed, and the way we will get there safely. In the event you’re constructing, defending, or governing trendy purposes, that is the place you’ll discover the methods, instruments, and friends that will help you sustain.
📅 August 12–13, 2025🌐 See the complete agenda at codeseccon.com
