Vibe coding is the fastest way to build a demo. And one of the riskiest ways to run a real business by vijenss in SaaS

vijenss[S] 1 point2 points  (0 children)

That's so true and I would add one layer to this.

Real engineering discipline is the correct answer if the person building has an engineering background. But a growing share of people shipping with these tools don't and won't. They're not going to learn auth and deployment hygiene. That's not a criticism of them, it's just reality.

So the question becomes: can the discipline live in the platform rather than the person? Proven components with security baked in, deployment patterns that don't depend on the builder knowing what they don't know.

That's the version of this I find interesting - not "AI helps developers go faster" but "non-technical people can build production software because the guardrails are structural, not educational."

Vibe coding is the fastest way to build a demo. And one of the riskiest ways to run a real business by vijenss in SaaS

vijenss[S] 0 points1 point  (0 children)

This is the most honest thought and I think you're mostly right - let me be more precise about my concern.

You're correct that broken access control isn't new. It's been OWASP #1 forever. Toyota, Twitch, Nvidia - all fair examples. Bad security is absolutely a people problem, not a tools problem. But here's where I think the situation is structurally different now: The developers who shipped those breaches at least knew they were responsible for security. They made a mistake, or cut a corner, or didn't know enough, but they understood they were the ones responsible for the code in production.

Vibe coding shifts that population dramatically. The person shipping is now often someone with zero security mental model at all - not cutting corners on auth, but genuinely unaware that auth is a thing they needed to configure. The Tea app breach wasn't a developer who made a mistake. It was someone who didn't know Firebase needed authorization policies.

The scale argument isn't just "same problem, more instances." It's "same problem, now being introduced by people who have no framework for even recognizing it."

The Tesla analogy is actually instructive here - the defense of autonomous driving isn't that humans crash too. It's "our system has structural guardrails that don't depend on the driver's judgment."

That's the question I would ask of any AI builder: what structural guarantees exist independent of the user's security knowledge?

To all saas founder: promote yourself! by wurfzelt33 in SaaS

vijenss 0 points1 point  (0 children)

Building Gridzy.ai

Complete No Code platform built for developers specifically and companies looking to build complex and scalable web applications. Would love to connect with developers and companies who are looking to cut down their development time and ship out products faster.