Liran Tal
@lirantal.com
🦄 Node.js Secure Coding: http://nodejs-security.com
🌟 @GitHub Star
🏅 @OpenJS Pathfinder award for Security
🥑 DevRel at @snyksec
🌟 @GitHub Star
🏅 @OpenJS Pathfinder award for Security
🥑 DevRel at @snyksec
how secure coding looks like in the age of agentic AI
if you don't have those tools calls in Cursor then you're compromising vulnerable code for productivity
Snyk Studio in action 👇
if you don't have those tools calls in Cursor then you're compromising vulnerable code for productivity
Snyk Studio in action 👇
December 22, 2025 at 10:00 AM
how secure coding looks like in the age of agentic AI
if you don't have those tools calls in Cursor then you're compromising vulnerable code for productivity
Snyk Studio in action 👇
if you don't have those tools calls in Cursor then you're compromising vulnerable code for productivity
Snyk Studio in action 👇
open invite to jump on a call with me and chat about MCP servers for 15 minutes
I'd be happy to also show you the Snyk MCP server for security and get your insights
I'd be happy to also show you the Snyk MCP server for security and get your insights
December 19, 2025 at 7:00 PM
open invite to jump on a call with me and chat about MCP servers for 15 minutes
I'd be happy to also show you the Snyk MCP server for security and get your insights
I'd be happy to also show you the Snyk MCP server for security and get your insights
I kinda feel like AI engineers today use a lot of models and AI tools for their agentic workflows but don't have good visibility into that so Snyk is building this AI-BOM thing and I'm curious what sort of questions do you have about it that I can help answer... ?
December 19, 2025 at 4:01 PM
I kinda feel like AI engineers today use a lot of models and AI tools for their agentic workflows but don't have good visibility into that so Snyk is building this AI-BOM thing and I'm curious what sort of questions do you have about it that I can help answer... ?
my buddy Brian Vermeer put together a Snyk MCP guide cheat sheet to get you started on adding security to your AI coding assistants, check it out snyk.io/articles/sny...
December 19, 2025 at 10:00 AM
my buddy Brian Vermeer put together a Snyk MCP guide cheat sheet to get you started on adding security to your AI coding assistants, check it out snyk.io/articles/sny...
gotta make sure those tokens are secured right ??
December 19, 2025 at 7:00 AM
gotta make sure those tokens are secured right ??
more and more bypasses for React CVE-2025-55182 including this from @fearsoff which only goes to show that..
if you want to prevent React2Shell the only complete solution is to disable all POST endpoints :-)
if you want to prevent React2Shell the only complete solution is to disable all POST endpoints :-)
December 18, 2025 at 7:00 PM
more and more bypasses for React CVE-2025-55182 including this from @fearsoff which only goes to show that..
if you want to prevent React2Shell the only complete solution is to disable all POST endpoints :-)
if you want to prevent React2Shell the only complete solution is to disable all POST endpoints :-)
selfie with yoda
should I build the nano banana app for it ? 😆
should I build the nano banana app for it ? 😆
December 18, 2025 at 4:00 PM
selfie with yoda
should I build the nano banana app for it ? 😆
should I build the nano banana app for it ? 😆
how much do you tip the Cursor agent ?
December 18, 2025 at 10:00 AM
how much do you tip the Cursor agent ?
product managers have been replaced by prompted interview questions
December 18, 2025 at 7:00 AM
product managers have been replaced by prompted interview questions
we back to masscan days and THC hyrda? 😅
December 17, 2025 at 10:01 AM
we back to masscan days and THC hyrda? 😅
another year in open source software...
who would've thought a kid who installed linux would be this invested
who would've thought a kid who installed linux would be this invested
December 16, 2025 at 7:00 PM
another year in open source software...
who would've thought a kid who installed linux would be this invested
who would've thought a kid who installed linux would be this invested
maybe capitalism isn't that bad?
p.s, source: the breakdown
p.s, source: the breakdown
December 16, 2025 at 4:00 PM
maybe capitalism isn't that bad?
p.s, source: the breakdown
p.s, source: the breakdown
folks at Vercel, is there a reason you're not doing trusted publishing with provenance?
December 16, 2025 at 10:00 AM
folks at Vercel, is there a reason you're not doing trusted publishing with provenance?
just so we keep track of things, I've been teaching all of you devs about React security flaws since 2020
December 16, 2025 at 7:01 AM
just so we keep track of things, I've been teaching all of you devs about React security flaws since 2020
what do you say chat, should I launch it ??
December 15, 2025 at 7:00 PM
what do you say chat, should I launch it ??
star wars happily ever after when ??
December 15, 2025 at 4:00 PM
star wars happily ever after when ??
December 15, 2025 at 10:00 AM
the old Snyk gang w/ Simon and Stephanie 💜🤗
Tessl's AI Native DevCon was a fun reunion!
Tessl's AI Native DevCon was a fun reunion!
December 15, 2025 at 7:00 AM
the old Snyk gang w/ Simon and Stephanie 💜🤗
Tessl's AI Native DevCon was a fun reunion!
Tessl's AI Native DevCon was a fun reunion!
Sean Roberts at AI Native DevCon had a good talk and great references 🤘
December 12, 2025 at 7:00 PM
Sean Roberts at AI Native DevCon had a good talk and great references 🤘
what has become of Cursor ??
December 12, 2025 at 4:00 PM
what has become of Cursor ??
is this slide driving the point across on why Snyk Studio is critical to connect to your agentic coding workflows?
December 12, 2025 at 10:00 AM
is this slide driving the point across on why Snyk Studio is critical to connect to your agentic coding workflows?
it's all fun and games right until the point when your toy (the LLM) becomes someone else's weapon
December 12, 2025 at 7:00 AM
it's all fun and games right until the point when your toy (the LLM) becomes someone else's weapon
largely here are my 2 biggest takeaways for actionable MCP server security
the model context protocol gets cited about authentication and identity, but there are other security pitfalls. bookmark and share 👇
the model context protocol gets cited about authentication and identity, but there are other security pitfalls. bookmark and share 👇
December 11, 2025 at 7:00 PM
largely here are my 2 biggest takeaways for actionable MCP server security
the model context protocol gets cited about authentication and identity, but there are other security pitfalls. bookmark and share 👇
the model context protocol gets cited about authentication and identity, but there are other security pitfalls. bookmark and share 👇