From my experience all software developers are now security engineers whether they know it, admit to it or do it. Your code is now the security of the org you work for. #GoldenAgeOfDefense
You're right. The hype is gaslighting.
Most of what gets posted is theater. But the reason it looks like nothing useful gets produced is that 90% of people are pointing AI at huge vague tasks and getting slop.
Where I see it actually work is small, well-scoped, testable stuff with tight guardrails. Spec driven development.
A lot of the spec driven AI people I know are not on Twitter posting "magic solutions" to fix AI. They are getting work done and building product.
This is exactly what I author in my courseware and I'm grateful folks are listening. The MCP spec helps, and the work of the AISVS team which I'm on also helps. Some are really doing this work, in class, in standards and in practice. I'm grateful for the folks I work with who care about this. You too!
@IceSolst Sophos got a huge security report from Tavis on a Friday night, said thank you, and spent the weekend fixing it all.
After I saw it go down, all corporate response is second to that.
Fix your damn bugs.
@enjojoyy Research loops, spec driven development runs.
If I spend waking hours building machine readable specifications for applications, I can let CC run all night.
I've noticed that Claude Code works brilliantly with well designed applications using modern frameworks, and problems really show up in messy multi-framework legacy garbage.
So a theory is, Claude is way better for new applications designed well. Codex is better for going after legacy messes where serious surgery is needed.
So for those doing spec driven development on modern frameworks? Your experience is likely positive.
Those vibe coding legacy messes? You likely hate Claude.
I'm curious if this matches your experience!
It's becoming increasingly important to understand the real security properties of cryptographic key storage. A related problem is secure provisioning of those cryptographic keys.
The shortcut is to just learn from established systems vs. slowly rediscovering the need for them.
I'm delivering a webinar on Claude Code (spec driven development) to help us all use Claude Code and other AI coding tools with quality, security and maturity.
This will land June 15 @ 10am PT. Hope to see you there. I love doing these and feel it's high value info for you!
https://t.co/KFPkAS5lj9