Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most developers rely on.env files to store secrets like API keys, database passwords, and tokens. But what if I told you this common practice can leave you wide open to attacks? In this video, I break down why storing secrets in a.env file is dangerous, how attackers can exploit it, and what safer alternatives you should be using instead.

The Difference Between Vibe and Spec Coding.

Replit Builds My App with MILITARY Grade Security?!

In this video, we put Replit’s AI coding tool to the test by asking it to create a secure note-taking app. While the tool shows off some seriously impressive abilities, it’s not without its flaws... Join me as I explore what Replit can (and can’t) do, and whether AI coding tools such as this one are ready to build reliable, secure apps.

In this video, I’ll walk you through the step-by-step process of adding MCP servers into OpenAI’s Codex CLI. Whether you’re just getting started with the Codex command-line tool or you want to expand its functionality by connecting external MCP servers, this guide will help you set it up quickly and correctly.

Gemini + Snyk MCP = Instant Code Security.

Snyk MCP Found Security Flaws INSTANTLY with Gemini...

How to Identify your Configuration Settings File.

In this video, I walk through how to add MCP servers to Google Gemini, covering both the CLI setup and Code Assist integration. Whether you’re just getting started with Gemini or want to extend its capabilities with MCP servers, this step-by-step guide will get you up and running.

GPT-5 Realizes its Mistake...