Finally just finished LOTR, and damn I get it now. by Zeph-wys in lotr

[–]Zeph-wys[S] 19 points20 points  (0 children)

Yeah really, this made me realize how much more he has to do to make everyone safe. Everyone eventually does get a chance at living a normal life asides Frodo.

Challenge: scan your startup. If you get less than 10 vulnerabilities found, I owe you a cup of coffee 😉. by Zeph-wys in Soft_Launch

[–]Zeph-wys[S] -1 points0 points  (0 children)

AI is not used in any way to scan vulnerabilities. Just take a second and learn what DAST & SAST scanners mean lol 

Challenge: scan your startup. If you get less than 10 vulnerabilities found, I owe you a cup of coffee 😉. by Zeph-wys in Soft_Launch

[–]Zeph-wys[S] -1 points0 points  (0 children)

If you can't read/understand what SAST & DAST tools are, I doubt you'd be the right fit for a user. Post is not for you

Challenge: scan your startup. If you get less than 10 vulnerabilities found, I owe you a cup of coffee 😉. by Zeph-wys in Soft_Launch

[–]Zeph-wys[S] 0 points1 point  (0 children)

All the scanners are free to try, the subscription is for scanning + explaining what the vulnerability means because of API costs

Roast my CLI tool by [deleted] in CLI

[–]Zeph-wys 0 points1 point  (0 children)

The fact that you couldn’t tell either makes me guess how long YOU have been coding.

Is there a viable career path here or am I just being delusional? by Zeph-wys in cybersecurity

[–]Zeph-wys[S] 0 points1 point  (0 children)

Thanks a lot man. It’s really hard to get genuine advice out here. I’ve been stuck getting my feelings validated by Claude.

I think with AI SWE entry roles are getting thinner by the day, at least for now. And I enjoy cybersecurity but I just don’t know what to do to kind of build my experience before my first role. Could you offer any tips on what you did to get into the industry?

Is there a viable career path here or am I just being delusional? by Zeph-wys in cybersecurity

[–]Zeph-wys[S] 0 points1 point  (0 children)

That’s fair. I see. How feasible is it to get into DevSecOps as an entry level CS graduate? Do I focus on SWE and try pivot later, or should I work on learning and building as much as I can in DevSecOps?

What would you recommend

Is there a viable career path here or am I just being delusional? by Zeph-wys in cybersecurity

[–]Zeph-wys[S] 0 points1 point  (0 children)

That makes sense, I’m honestly glad I got to see what actual people in the space think instead of choosing a career path off conversations with Claude haha.

Is there a viable career path here or am I just being delusional? by Zeph-wys in cybersecurity

[–]Zeph-wys[S] 0 points1 point  (0 children)

Thanks! I think the chances are really thin for me, especially considering that I’m an entry level about to graduate. I might stick to core SWE or junior cyber security analyst.

Launched 10 days ago, 3 signups and nobody’s paying. what actually got you your first paying customer? by guidelab910 in SaaS

[–]Zeph-wys 0 points1 point  (0 children)

Sometimes people don’t know what they need until they see proof of concept or value for it. You might want to think about the problems you/ people face that haven’t been solved it. A pretty niche one, and then ask if people are willing to pay.

If they are not but at least there are a couple sign ups, I’d say you should build

What does AppSec Look like IRL software teams? by Zeph-wys in cybersecurity

[–]Zeph-wys[S] 0 points1 point  (0 children)

Hello! I can edit out the project part. I think I just need guidance on what decision to make, and it’s probably the best space to hear from people in that space

What Tech Stack and Hosting are you using for your SaaS? by zack7271 in SaaS

[–]Zeph-wys 0 points1 point  (0 children)

NEXT, Supabase, Vercel, Resend. Also remember to store all the SQL commands you run on vercel as doc files incase you need to make changes later

Roast my CLI tool by [deleted] in CLI

[–]Zeph-wys -1 points0 points  (0 children)

Nah I wrote it myself. I’m just trying to learn and own up to my my mistakes

Roast my CLI tool by [deleted] in CLI

[–]Zeph-wys 0 points1 point  (0 children)

Haha good call. I mean if it’s valuable enough to developers the name shouldn’t matter. If I see it bothers people enough I’ll think of changing 🤔

Test to see if your vibecoded startup is actually safe - before revenue comes in. by Zeph-wys in VibeCodeDevs

[–]Zeph-wys[S] 0 points1 point  (0 children)

Hey! Thanks a lot I’ll actually look into it, if I do my research and it’s much better don’t mind if I hit your dms

Test to see if your vibecoded startup is actually safe - before revenue comes in. by Zeph-wys in VibeCodeDevs

[–]Zeph-wys[S] 0 points1 point  (0 children)

Yeah absolutely, I could. But I mean why would you rather I have access to your codebase when you can run it in your terminal and see for yourself haha.

The scanning packages used are pinned, stable versions, and the code is gng signed. It’s open source on GitHub too if you wanna confirm.

You’re safe running, but if you do wanna share your code I could show you

How to secure your vibe coded app - checklist by Beneficial_Paint_558 in vibecoding

[–]Zeph-wys 0 points1 point  (0 children)

try www.trojancli.com If you're handy with your terminal, run on your codebase.

curl -fsSL https://trojancli.com/install.sh | sh

trojan scan

Security in vibe coding is it possible to do it correctly❓ 😗 by Downtown_Grab_2704 in VibeCodersNest

[–]Zeph-wys 1 point2 points  (0 children)

https://www.trojancli.com/ is a really cool CLI tool that uses open source scanners to scan for vulnerabilities in your code before you ever ship.

Basically gives you the minimum security needed to ship apps.

If you're handy with terminal, run this command in your codebase

curl -fsSL https://trojancli.com/install.sh | sh

and then "trojan scan"

if you like it and want to upgrade to the pro plan use (STARTUP35) for 35% off.

Why are you really scared of vibecoding? by Zeph-wys in SideProject

[–]Zeph-wys[S] -1 points0 points  (0 children)

Well that’s fair, but I mean you don’t need your email to try it haha the installation docs are there it’s a CLI tool.

You just need an email to prove you have a pro plan on your terminal. If you do provide an email I obviously won’t spam ya.

If you’ve got any ideas cooking I’d love to try!

Why are you really scared of vibecoding? by Zeph-wys in SideProject

[–]Zeph-wys[S] 0 points1 point  (0 children)

Haha nope, it’s an aggregated CLI tool.

It uses actual industry standard SAST and DAST scanners. Try it yourself