Redesigning CI-Based Security Scanning as a Validation Stage Rather Than a Discovery Stage
CI is the wrong place to first hear about your npm dependencies
Your AI Agent just leaked your Stripe key. Here's how to stop it before the commit.
Mastering DevOps Fundamentals: A Practical Guide
SonarQube Plugin for Cursor Brings In-Chat Code Quality and Security Checks
AI Engineers Are Becoming Security Engineers.
The Shift of the Vulnerability Detection Bottleneck from 'Discovery' to 'Triage' Driven by LLM Adoption
Five Eyes to Developers: AI-Powered Cyberattacks Are "Months Away, Not Years"
I built a live secret scanner for VS Code (and why CI scanning is too late)
Introducing a OWASP Game for threat modeling Agentic AI, Cloud, Devops, Frontend, LLM, Automation, and Web
Article: CodeGuardian: A Model Context Protocol Server for AI-Assisted Code Quality Analysis and Security Scanning
Comparison: Snyk vs. Checkov 2.3 for Terraform 1.9 Security Scanning – 20% More Issues Found
Anthropic's magic code-sniffer: More Swiss cheese than cheddar, for now
Scan MCP Servers for OWASP Vulnerabilities From Inside Claude. Here's How.