DO NOT fill in random vibe coded forms with personal data without privacy policies. A finished product is not a secure product.

I actually unintentionally learned 30% of Security+ in an hour just by looking at my own website's observability logs, out of curiosity until it became a little forensic fun. Even figured out how someone else's app has been leaking my phone number to scammers and bots in the process (this one deserves its own post next time).

So, here's a tip for fellow vibe coders and any web app owners really: 
Your observability logs are a free security feed.

Just out of sheer curiosity, looking at interesting logs, I learned that the humble observability logs in our web host could teach us ample about the types of bad actors, type of attacks, data phishing, credential theft, AI training crawlers, and the sophistication of the people behind them. In 24 hours my website was attacked by 3 levels of hackers and bots for vulnerability but I obviously don't have much worth all that bot effort. Apparently, it's just usual to expect it now.

If you have a personal website, you can even detect when someone is repeatedly and obsessively visiting specific pages. Take note, ladies 😊

I get that knowledge asymmetry is profitable. But where resource exhaustive courses are out of reach, I think it's possible to reverse engineer learning about important adjacent knowledge if we're going to vibe code.

As someone who recently learned to vibe code, I knew it comes with risks. And it took me extra hours to learn at minimal, the key subjects that needed to be handled carefully before publishing a basic website, avoiding a backend I wouldn't be able to maintain on my own.

If we're all going to be given free vibe coding tools, and we don't want this turning into a data grab market for opportunistic hackers, we need to at least make some basic security knowledge freely accessible. I constantly hear some specialists complain about vibe coders being security hazards(I don't disagree) and yet not usefully advise how the coders can equip themselves with what's realistically safe and preventable if they have to do it anyways.

I've come across course providers who've presented me with CompTIA Security+ modules that at first made me think they look too complex. But little did I know how interesting and fun it actually is when it's presented in a more practical real world scenario (and as a fun hobby🤭).

As a non-technical vibe coder, it disappoints me that the responsibility of securing our personal data doesn't always seem to be taken seriously, even by those with elite CS credentials.

Firms, please vet vibe coded products with cybersecurity professionals before collecting any form of data that could make you liable for the leaks.

Good news though, the knowledge is open sourced and freely available for vibe coders, and it should stay that way.

#VibeCoding #Cybersecurity #WomeninTech