- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
From Input-handling Flaws to Crashables: Security ZLessons From LLM-based Coding Tools
TOPIC: From Input-handling Flaws to Crashables: Security ZLessons From LLM-based Coding Tools
ABSTRACT: Claude Code illustrates how LLM-based coding tools expand the attack surface. Design choices around approvals, parsing, and error handling can turn into security flaws. We present specific findings Kodem uncovered in Claude Code. Both issues highlight how LLM-based coding tools introduce new misconfiguration and input-handling risks. This talk dissects the issues, their broader implications for AI developer tools, and practical mitigations.
Видео From Input-handling Flaws to Crashables: Security ZLessons From LLM-based Coding Tools канала OWASP Los Angeles
ABSTRACT: Claude Code illustrates how LLM-based coding tools expand the attack surface. Design choices around approvals, parsing, and error handling can turn into security flaws. We present specific findings Kodem uncovered in Claude Code. Both issues highlight how LLM-based coding tools introduce new misconfiguration and input-handling risks. This talk dissects the issues, their broader implications for AI developer tools, and practical mitigations.
Видео From Input-handling Flaws to Crashables: Security ZLessons From LLM-based Coding Tools канала OWASP Los Angeles
Комментарии отсутствуют
Информация о видео
30 сентября 2025 г. 1:30:05
00:56:34
Другие видео канала
Open Source Software Supply Chains
Conquering Castle Envy – The Flawed Mindset That’s Holding Application Security Back
Five Things You Probably Didn’t Know About Azure Key Vault by Michael Howard
When Agents Execute: RCE Paths in LLM-Powered Coding Tools
Security Shouldn’t be a Secret. Why Transparency Matters
Secure Vibe Coding: 3 Key Lessons
Software Composition Analysis (SCA) Findings: Fix or Forget?
Using OWASP Nettacker For Recon and Vulnerability Scanning
Peeling the Onion: Making Sense of the Layers of API Security
Cloud Security and IAM for Developers and DevOps
Blind Spots of Threat Intelligence: Hardware and Firmware Challenges
OWASP & CSA IoT: Impacting Medical Security
Make Attackers Cry: Outsmart them with Deception
The Attacker’s Distributed Supercomputer: Your Browser
Future of Asset Discovery by Jeremiah Grossman
Finding Data and Analyzing Security in AWS
Detect complex code patterns using semantic grep by Clint Gibler
API Security Hands-on Workshop
Making the OWASP Top-10 2024
OWASP SAMM2 – Your Dynamic Software Security Journey
State of Pentesting 2024
