Safeguarding Applications in the AI Era with Jim Manico

Episode No: 53

Unlock the power of secure coding with Jim Manico! 💡 Dive into the world of application security and learn from an expert like never before. 🤩

Get ready to have your mind blown as Jim Manico shares his deep knowledge on application security using generative AI. 🌟 Discover groundbreaking insights, practical tips, and game-changing strategies that will elevate your coding skills to a whole new level.

Learnings from the podcast

  1. When it comes to code generation using Gen AI tools, trust but verify. Always run the generated code through your DevSecOps pipelines for static and dynamic scans.
  2. During prompt engineering, stay away from feeding in sensitive information, and ask for recommendations with low cyclomatic complexity. Such code is simpler and easier to maintain.
  3. On top of adding security capabilities, when using any framework like React or Ruby on Rails, use it securely and apply application security best practices, such as the OWASP Top 10 recommendations, on top of it.

Learning resources recommended by Jim Manico

  1. OWASP Top 10 for Large Language Model Applications

    Aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing Large Language Models (LLMs).

  2. Steve Wilson - Author of OWASP Top 10 for LLMs

    With over 20 years of experience in software product development and business leadership, Steve is passionate about building high-leverage platforms and high-performance teams.

  3. OWASP Application Security Verification Standard (ASVS)

    The OWASP Application Security Verification Standard (ASVS) Project is a framework of security requirements that focus on defining the security controls required when designing, developing and testing modern web applications and web services.

  4. Secure Coding for Software Engineers by James Ma

    In this comprehensive guide spanning six insightful topics, you'll embark on a journey through the critical aspects of secure software development. From understanding the intricacies of authentication and authorization to mastering the art of validation, encoding, and robust error handling, this book equips you with the essential skills to fortify your code against vulnerabilities.
