Kevin Lewis

Real-World Security for Busy Developers

Stop shipping vulnerabilities and leaking secrets. Learn how to automate security inside your workflow, without sacrificing speed.

Real-World Security for Busy Developers
#1about 9 minutes

Why developers must take ownership of application security

The growing responsibility for security falls on developers due to the high cost of breaches and the scarcity of dedicated security specialists.

#2about 3 minutes

Prevent leaked secrets with push protection and scanning

GitHub's push protection blocks credentials from being committed, while secret scanning finds existing keys across your entire repository history.

#3about 9 minutes

Write and review secure code using AI-powered tools

Use GitHub Copilot for security education and code reviews, while CodeQL automatically finds vulnerabilities that Copilot Autofix can then resolve.

#4about 5 minutes

Manage vulnerable dependencies in your software supply chain

Use dependency review to check for vulnerabilities and license compliance in pull requests, and let Dependabot proactively create fixes for you.

#5about 1 minute

Drive security fixes with organization-wide campaigns

Security campaigns allow teams to prioritize and track the remediation of specific vulnerabilities across all repositories in an organization.

#6about 3 minutes

How security tools integrate into the developer workflow

A summary of how tools like push protection, code scanning, and Dependabot fit seamlessly into each stage of development from the IDE to production.

Related jobs
Jobs that call for the skills explored in this talk.

Software Engineer

tree-IT GmbH

tree-IT GmbH
Bad Neustadt an der Saale, Germany

54-80K
Intermediate
Senior
Java
TypeScript
+1

Matching moments

Avoiding common security mistakes and giving better feedback
03:55 MIN

Avoiding common security mistakes and giving better feedback

The weekly developer show: Boosting Python with CUDA, CSS Updates & Navigating New Tech Stacks

Integrating security earlier in the development lifecycle
02:43 MIN

Integrating security earlier in the development lifecycle

Vulnerable VS Code extensions are now at your front door

Common security failures beyond individual coding errors
03:27 MIN

Common security failures beyond individual coding errors

Maturity assessment for technicians or how I learned to love OWASP SAMM

Key takeaways on IDE and developer tool security
02:28 MIN

Key takeaways on IDE and developer tool security

You click, you lose: a practical look at VSCode's security

Integrating security throughout the CI/CD process
04:40 MIN

Integrating security throughout the CI/CD process

Plan CI/CD on the Enterprise level!

Hardening the CI/CD pipeline with automated security tools
05:06 MIN

Hardening the CI/CD pipeline with automated security tools

You can’t hack what you can’t see

Key strategies for building a secure code culture
02:23 MIN

Key strategies for building a secure code culture

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Why shift left security is crucial for modern development
02:46 MIN

Why shift left security is crucial for modern development

Real-world Threat Modeling

Featured Partners

Related Videos

See all videos
How GitHub secures open source
25:28

How GitHub secures open source

Joseph Katsioloudes

Simple Steps to Kill DevSec without Giving Up on Security
21:53

Simple Steps to Kill DevSec without Giving Up on Security

Isaac Evans

Why Security-First Development Helps You Ship Better Software Faster
22:18

Why Security-First Development Helps You Ship Better Software Faster

Michael Wildpaner

Supply Chain Security and the Real World: Lessons From Incidents
24:47

Supply Chain Security and the Real World: Lessons From Incidents

Adrian Mouat

You click, you lose: a practical look at VSCode's security
29:47

You click, you lose: a practical look at VSCode's security

Thomas Chauchefoin & Paul Gerste

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
23:34

Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together

Stefania Chaplin

Stop Committing Your Secrets - GIt Hooks To The Rescue!
56:06

Stop Committing Your Secrets - GIt Hooks To The Rescue!

Dwayne McDaniel

Programming secure C#/.NET Applications: Dos & Don'ts
33:29

Programming secure C#/.NET Applications: Dos & Don'ts

Sebastian Leuer

Related Articles

View all articles
Daniel Cranney
Dev Digest 214: Claude Is Leaking, GitHub Is Listening & Axios Hacked!
Inside last week’s Dev Digest 214 . 🕵️ Claude source code leaked, analysed and re-written in 2 days 🐙 GitHub auto-opts users into feeding their code to train their AI 🌐 Pretext shows how to show complex text rendering in the browser 🤖 How to securin...
Dev Digest 214: Claude Is Leaking, GitHub Is Listening & Axios Hacked!
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
Daniel Cranney
The Overflow: 5 Security and Privacy Tools for Developers
We’re back again with another edition of the Overflow, where we share some of the best tools we’ve found from around the web that we just couldn’t cram into the already jam-packed editions of the Dev Digest. So let’s take a look at five security and ...
The Overflow: 5 Security and Privacy Tools for Developers

From learning to earning

Jobs that call for the skills explored in this talk.