Security & Privacy

The Developer Workstation Blind Spot: Why Your Security Stack Can't See What Matters Most

with Marcus Wermuth

Friday 10 July 13:40 – 14:10 Stage 10 - powered by TikTok

About This Session

Your security team has visibility into cloud infrastructure, endpoints, and network traffic. But what about your developers' laptops, where the code actually gets written? In this talk, I'll break down the emerging blind spot that most security programs miss: the developer workstation. With 60k+ VS Code extensions, 13k+ MCP servers, and AI coding tools that can access file systems and credentials, the attack surface on developer machines has exploded. Meanwhile, 35% of engineers use AI tools via personal accounts, and extension malware detections increased 4x year-over-year.

I'll cover:

  • How AI-driven development created new attack vectors (prompt injection → tool invocation → IDE exploitation)
  • Real examples of malicious extensions and MCP server vulnerabilities
  • Why EDR and SCA aren't enough, and what's missing
  • Practical approaches to gaining visibility without slowing developers down

This isn't about blocking tools or slowing adoption. It's about seeing what's actually running so you can make informed decisions. Attendees hopefully will leave with a clear understanding of the problem and actionable steps to assess their own exposure.

Topics

  • AI Coding Assistants
  • DevSecOps
  • Safety
  • Secure Coding
  • Security