Skip to content

Secure AI Coding: Developing Securely with AI Coding Assistants

  • by

From secure prompting to agent hardening: a hands-on day for development teams.

Overview

AI coding assistants such as GitHub Copilot, Claude Code, and Cursor now write a substantial share of production code, and that code is measurably less secure than it looks: Veracode’s 2025 GenAI Code Security Report found security vulnerabilities in 45 % of coding tasks across more than 100 LLMs (Java: over 70 %, XSS: 86 % failure rate). As early as 2022, the NYU study “Asleep at the Keyboard?” showed that around 40 % of Copilot-generated programs were vulnerable. A Stanford study also demonstrates that developers using an AI assistant write less secure code while believing it is more secure than the control group without AI. At the same time, the AI toolchain itself is becoming an attack surface: prompt injection via ticket texts and READMEs, malicious connected servers, agents with excessive permissions, and hallucinated packages. According to a USENIX Security study, 19.7 % of the dependencies suggested by LLMs do not exist.

In this one-day, hands-on course you will learn to use AI assistants in a way that brings speed and security together. You will learn which vulnerability patterns AI code typically contains, how to pin down security requirements before the first prompt, how to give the AI a security guideline that takes effect on every code generation, how to review AI code efficiently and adversarially, and how to harden your development environment itself against attacks. The course closes with automated guardrails in the workflow and a joint debrief. A large part of the course consists of labs in prepared exercise environments.

Agenda

TimeModuleContent
09:00-09:30Welcome & State of PlayHow Copilot, Claude Code & Cursor work; the numbers on vulnerability rates; why “runs on the first try” is the most dangerous signal
09:30-10:30Typical Vulnerabilities in AI CodeWhy AI-generated code fails differently (and predictably) than human-written code; which classes of flaws keep recurring and how to spot them in daily work. Lab: find and exploit vulnerabilities in real AI-generated code
10:30-10:45Break
10:45-11:30Security Before the PromptLightweight threat modeling for features; phrasing security requirements as acceptance criteria. Lab: threat analysis for a sample story
11:30-12:30Secure Prompting & Security GuardrailsWriting secure prompts; giving the AI a security guideline that applies project- and organization-wide on every code generation. Lab: rewrite insecure prompts, create your own security guideline for the assistant and measure its effect
12:30-13:30Lunch break
13:30-14:30Reviewing AI CodeReview checklist for AI diffs; risks of AI-suggested dependencies; security tests the AI will not write on its own. Lab: adversarial review and AI-assisted generation of security tests
14:30-15:30The AI Toolchain as Attack SurfacePrompt injection via issues, comments, docs; risks of connected tools and servers; agent permissions, sandboxing, secrets protection. Lab/demo: injection attack on an agent and hardening of the configuration
15:30-15:45Break
15:45-16:45Guardrails & AutomationAutomated security checks in the AI workflow; guardrails that stop violations before code is created; metrics and team rollout
16:45-17:00Wrap-up & DebriefJoint debrief, resource list, transfer to daily work, feedback

Key Facts

  • 1 day, 9:00-17:00, largely hands-on
  • Audience: developers, tech leads, DevSecOps and AppSec engineers
  • Prerequisites: programming experience; your own laptop with Docker installed locally, the exercise environment is provided

Methodology

Learning by doing is one of the most important paradigms. More about the training methodology here.

Trainer

Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.

Testimonials

+ Sehr guter Anteil konkreter Übungen!
+ Wichtige Bereiche wurden immer mit der “Übersichtskarte” gezeigt.
+ Guter Rundumblick

Anonym, IT-Beratungsbranche

Schönes Beispiel aus der Praxis von docker12321 🙂

Anonym, Versicherungsbranche

interaktiver Ansatz gefällt mir gut!

Anonym, Versicherungsbranche

Beispielseiten wie die “Check Security Header” gefallen mir sehr gut.

Anonym, Versicherungsbranche

Sehr gute Idee, dass einem Zeit gelassen wird die praktischen Aufgaben direkt zu machen und gewartet wird, dass wirklich alle fertig sind (indem alle die Hand heben). Gut waren auch die Anzahl an Übungen und die erklären dazu was denn genau passiert. Auch die Themen der Übungen wurden gut gewählt, sodass man versteht, was die Tools machen und wie sie funktionieren

Anonym, Versicherungsbranche

Gute Übungen, die einen sinnvollen Lerneffekt hatten

Anonym, Versicherungsbranche

Sehr angenehme Einführung in das Thema des Threads Modelling, sodass man sich schon selbst Gedanken bezüglich der potentiellen Threats machen kann.

Anonym, Versicherungsdienstleister

Wir müssen uns alle an die aktuelle Situation gewöhnen. Insofern war heute alles cool! Vielen Dank
(Hinweis: Erster Workshop beim Corona-Start)

Anonym, Versicherungsbranche

Angenehm aufbereitet. Vor allem die praktischen Beispiele helfen immer enorm!

Anonym, Versicherungsdienstleister

Viele Übungen; einiges an Input, aber durch den Praxisbezug sehr verständlich! Nicht nur firmenbezogenen, sondern auch für die private Anwendung interessant

Anonym, IT-Beratungsbranche

Arrange a free initial consultation

References

  • Veracode, 2025 GenAI Code Security Report (veracode.com)
  • Pearce et al., “Asleep at the Keyboard?”, IEEE S&P 2022, arxiv.org/abs/2108.09293
  • Perry et al., “Do Users Write More Insecure Code with AI Assistants?”, ACM CCS 2023, arxiv.org/abs/2211.03622
  • Spracklen et al., “We Have a Package for You!”, USENIX Security 2025, arxiv.org/abs/2406.10279