Making the OWASP top ten in the vibe code era

Making the OWASP top ten in the vibe code era

From The Stack Overflow Podcast by The Stack Overflow Podcast

June 5, 2026 · 34 min · Episode 956

About this episode

Ryan discusses the changes in the OWASP Top 10 with Tanya Janca, focusing on the shift towards software supply chain security and new awareness items.

Ryan welcomes back Tanya Janca, now part of the OWASP Top 10 team, to discuss what changed in the latest OWASP Top 10 release, how the list shifted from “outdated components” to a broader software supply chain focus, and why they added memory safety and vibe-coding as awareness items.  Episode notes: The OWASP Top 10 for 2025 is the latest standard awareness document for developers and web application security that represents a broad consensus about the most critical security risks to web applications. Learn more about Tanya’s work at her website and her new podcast DevSec Station . You can learn how to prompt your AI for secure code with her prompt library . Read Tanya’s articles on our blog.  Congrats to Populist badge winner Rob Kielty for winning the badge on their answer to How can I tell IntelliJ's "Find in Files" to ignore generated files? . TRANSCRIPT See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info .

People in this episode

Host: Ryan

Guest: Tanya Janca

Topics covered

  • OWASP Top 10
  • software supply chain
  • memory safety
  • vibe coding
  • web application security

Keywords

  • OWASP
  • Top 10
  • software security
  • memory safety
  • vibe coding
  • web applications
  • Tanya Janca

Mentioned in this episode

Organizations: OWASP, DevSec Station

More episodes of The Stack Overflow Podcast

Explore listener stats, chart rankings, contacts and more on the The Stack Overflow Podcast podcast page.