Kevin Lewis

Real-World Security for Busy Developers

Stop shipping vulnerabilities and leaking secrets. Learn how to automate security inside your workflow, without sacrificing speed.

Real-World Security for Busy Developers
#1about 9 minutes

Why developers must take ownership of application security

The growing responsibility for security falls on developers due to the high cost of breaches and the scarcity of dedicated security specialists.

#2about 3 minutes

Prevent leaked secrets with push protection and scanning

GitHub's push protection blocks credentials from being committed, while secret scanning finds existing keys across your entire repository history.

#3about 9 minutes

Write and review secure code using AI-powered tools

Use GitHub Copilot for security education and code reviews, while CodeQL automatically finds vulnerabilities that Copilot Autofix can then resolve.

#4about 5 minutes

Manage vulnerable dependencies in your software supply chain

Use dependency review to check for vulnerabilities and license compliance in pull requests, and let Dependabot proactively create fixes for you.

#5about 1 minute

Drive security fixes with organization-wide campaigns

Security campaigns allow teams to prioritize and track the remediation of specific vulnerabilities across all repositories in an organization.

#6about 3 minutes

How security tools integrate into the developer workflow

A summary of how tools like push protection, code scanning, and Dependabot fit seamlessly into each stage of development from the IDE to production.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Organizing a developer conference for 15,000 attendees
01:32 MIN

Organizing a developer conference for 15,000 attendees

Cat Herding with Lions and Tigers - Christian Heilmann

Selecting strategic partners and essential event tools
03:17 MIN

Selecting strategic partners and essential event tools

Cat Herding with Lions and Tigers - Christian Heilmann

Using content channels to build an event community
04:49 MIN

Using content channels to build an event community

Cat Herding with Lions and Tigers - Christian Heilmann

Increasing the value of talk recordings post-event
04:57 MIN

Increasing the value of talk recordings post-event

Cat Herding with Lions and Tigers - Christian Heilmann

Why HR struggles with technology implementation and adoption
04:22 MIN

Why HR struggles with technology implementation and adoption

What 2025 Taught Us: A Year-End Special with Hung Lee

The security risks of AI-generated code and slopsquatting
05:55 MIN

The security risks of AI-generated code and slopsquatting

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Rapid-fire thoughts on the future of work
02:44 MIN

Rapid-fire thoughts on the future of work

What 2025 Taught Us: A Year-End Special with Hung Lee

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Featured Partners

Related Videos

See all videos
How GitHub secures open source25:28

How GitHub secures open source

Joseph Katsioloudes

Simple Steps to Kill DevSec without Giving Up on Security21:53

Simple Steps to Kill DevSec without Giving Up on Security

Isaac Evans

Why Security-First Development Helps You Ship Better Software Faster22:18

Why Security-First Development Helps You Ship Better Software Faster

Michael Wildpaner

Supply Chain Security and the Real World: Lessons From Incidents24:47

Supply Chain Security and the Real World: Lessons From Incidents

Adrian Mouat

You click, you lose: a practical look at VSCode's security29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

Stop Committing Your Secrets - GIt Hooks To The Rescue!56:06

Stop Committing Your Secrets - GIt Hooks To The Rescue!

Dwayne McDaniel

Securing Your Web Application Pipeline From Intruders44:30

Securing Your Web Application Pipeline From Intruders

Milecia McGregor

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.