Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This workshop introduces experienced engineers to AI-first coding - a paradigm where AI tools generate most of the code while developers focus on direction and refinement. ​We'll explore how large language models work underneath the hood, revealing practical techniques to maximize their effectiveness in development workflows. ​Participants will learn the powerful "Plan-then-Act" methodology, discover how to leverage context windows effectively, and implement structured memory bank approaches to maintain project continuity.

Our existing design system was automatically ported into Cursor. For components still in Figma, we used figma-context-mcp to migrate them. Now everything is managed and aligned - inside Cursor. In this demo, you’ll see Jit’s AI-native UX-Dev workflow in action.

Co-host Jacob Berry and Jit Co-Founder Aviram Shmueli sit down to discuss hot topics in AppSec.

Learn more about what happened and how it was fixed. With Jacob Berry (CISO) and Aviram Shmueli (Co-Founder)

Gain insights into the value that MCP provides to LLMs.

Hosted by: Ariel Beck (Jit) Speaker: Omri Levy (Lumigo)

How can organizations make DevSecOps accessible and effective for every team? Platform Engineering is the answer. In this talk, Erik explores how developer portals and golden paths help streamline security, automate remediation, and create scalable, secure development workflows without adding friction. This talk was recorded at DevSecNext, a community-driven event reimagining how we share security insights—short, to the point, and packed with actionable takeaways.

What happens when hackers weaponize Microsoft Copilot? In this eye-opening session, Inbar Raz takes a red-team-level deep dive into how attackers can abuse Copilot to exfiltrate data, bypass security controls, and even social engineer victims—automated by AI. This talk was recorded at DevSecNext, a community-driven event reimagining how we share security insights—short, to the point, and packed with actionable takeaways.

Software supply chain attacks are on the rise, exploiting gaps in CI/CD pipelines to introduce malicious code. In this talk, Yonit Gruber-Hazani dives deep into common CI/CD vulnerabilities and how to mitigate them using the SLSA (Supply-chain Levels for Software Artifacts) framework. This talk was recorded at DevSecNext, a community-driven event reimagining how we share security insights—short, to the point, and packed with actionable takeaways.

As AI reshapes industries, it also introduces a wave of emerging security risks—some known, others yet to be discovered. In this DevSecNext panel discussion, experts from engineering, cloud business, venture capital, and security innovation dive deep into the intersection of AI disruption and the evolving threat landscape. This talk was recorded at DevSecNext, a community-driven event reimagining how we share security insights—short, to the point, and packed with actionable takeaways.