Sonya Moisset

Vibe Coding is transforming software development, AI tools now write code at lightning speed, boosting productivity and unlocking creativity. But with this innovation comes a serious concern: security.

We'll break down the buzzwords – VIBE Coding, Agentic AI, MCP... we'll list some of the coolest tools out there , we'll explore how they're revolutionizing software creation and how to use them in a safe environment. Whether you're just starting out or looking to level up your skills, we'll cover the fundamentals and share essential best practices for building secure AI-powered applications.

Embracing new AI technologies reveals a hidden, yet increasingly prevalent, risk silently growing within many organizations: Shadow AI. This refers to the unapproved or unmonitored use of AI tools by employees, often adopted with good intentions but without the necessary oversight. Understanding these concealed threats is critical for protecting your organization's integrity, finances, and reputation. Here are five ways shadow AI may threaten your organization.

Imagine a scenario where a major financial services company discovers that sensitive customer financial data has been leaked. The source wasn't a sophisticated hack or a disgruntled employee; it was a well-intentioned analyst who had pasted transaction data into a public AI tool to help generate insights. This is just one example of the growing phenomenon of "shadow AI," which is creating invisible risks across organizations worldwide.

I discuss how to launch and grow an effective Security Champions Program that drives secure development practices across your engineering teams.

As AI agents proliferate across enterprise environments, a new protocol announced by Google on April 9, 2025, aims to solve one of organizations' most significant challenges today: getting these specialized tools to work together seamlessly across organizational and technological boundaries.

Software supply chains, composed of diverse tools, dependencies, and collaborative workflows, have become critical targets for malicious actors. Attackers exploit vulnerabilities in open-source components, CI/CD pipelines, and automated engineering processes, exposing organizations to significant risks. Resilience in this context demands a shift from reactive defenses to proactive strategies that integrate security directly into engineering workflows, ensuring vulnerabilities are addressed before they can be exploited.

Rejoignez Thomas Gentilhomme et Sonya Moisset pour ce webinaire dédié aux développeurs et professionnels de la sécurité. Vous y découvrirez les meilleures pratiques pour sécuriser une application en 2025.