Kevin Lewis
Real-World Security for Busy Developers
#1about 9 minutes
Why developers must take ownership of application security
The growing responsibility for security falls on developers due to the high cost of breaches and the scarcity of dedicated security specialists.
#2about 3 minutes
Prevent leaked secrets with push protection and scanning
GitHub's push protection blocks credentials from being committed, while secret scanning finds existing keys across your entire repository history.
#3about 9 minutes
Write and review secure code using AI-powered tools
Use GitHub Copilot for security education and code reviews, while CodeQL automatically finds vulnerabilities that Copilot Autofix can then resolve.
#4about 5 minutes
Manage vulnerable dependencies in your software supply chain
Use dependency review to check for vulnerabilities and license compliance in pull requests, and let Dependabot proactively create fixes for you.
#5about 1 minute
Drive security fixes with organization-wide campaigns
Security campaigns allow teams to prioritize and track the remediation of specific vulnerabilities across all repositories in an organization.
#6about 3 minutes
How security tools integrate into the developer workflow
A summary of how tools like push protection, code scanning, and Dependabot fit seamlessly into each stage of development from the IDE to production.
Related jobs
Jobs that call for the skills explored in this talk.
Technoly GmbH
Berlin, Germany
€50-60K
Intermediate
Network Security
Security Architecture
+2
VECTOR Informatik
Stuttgart, Germany
Senior
Java
IT Security
Matching moments
05:55 MIN
The security risks of AI-generated code and slopsquatting
Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2
03:45 MIN
Preventing exposed API keys in AI-assisted development
Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2
01:06 MIN
Malware campaigns, cloud latency, and government IT theft
Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre
03:58 MIN
Making accessibility tooling actionable and encouraging
Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof
05:01 MIN
Comparing the security models of browsers and native apps
Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof
03:16 MIN
Improving the developer feedback loop with specialized tools
Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof
07:39 MIN
Prompt injection as an unsolved AI security problem
AI in the Open and in Browsers - Tarek Ziadé
02:49 MIN
Using AI to overcome challenges in systems programming
AI in the Open and in Browsers - Tarek Ziadé
Featured Partners
Related Videos
25:28How GitHub secures open source
Joseph Katsioloudes
21:53Simple Steps to Kill DevSec without Giving Up on Security
Isaac Evans
22:18Why Security-First Development Helps You Ship Better Software Faster
Michael Wildpaner
24:47Supply Chain Security and the Real World: Lessons From Incidents
Adrian Mouat
29:47You click, you lose: a practical look at VSCode's security
Thomas Chauchefoin & Paul Gerste
23:34Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
Stefania Chaplin
56:06Stop Committing Your Secrets - GIt Hooks To The Rescue!
Dwayne McDaniel
33:29Programming secure C#/.NET Applications: Dos & Don'ts
Sebastian Leuer
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
SAP AG
Sankt Leon-Rot, Germany
Junior
Go
Azure
DevOps
Puppet
Docker
+6
Abnormal AI
Intermediate
API
Spark
Kafka
Python
Secunet
Remote
Python
Grafana
Terraform
Kubernetes
+1