Software Security

Ready to **level up your AppSec skills?** Join us at **London OWASP Training Days 2026** — a dedicated hands‑on training experience designed by and for the global application security community! From **1‑day intensive skill builders** to **multi‑day deep dives**, our curated training lineup helps security pros, developers, and architects build practical expertise you can apply immediately. **Hands‑On Security Courses:** • API Security Fundamentals - secure modern APIs with real world exercises • Security Champions Program - build security culture from within • Privacy Engineering in the Age of AI - integrate privacy by design • AppSec Program - integrate OWASP SAMM rather than relying on tooling • AI Threat Modeling - next‑generation risk thinking • Web App Security Essentials - foundational defensive & offensive skills • Mobile & IoT App Hacking - real lab hands-on practice led by experts • Pentesting / OffSec - full-stack, lifetime lab access Whether you’re starting your AppSec journey or mastering advanced techniques, our expert trainers offer practical, interactive sessions that go beyond theory - so you can protect software with confidence. **King’s College London** \| Feb 25 \- 27\, 2026 Secure your seat: https://owasp.glueup.com/event/london-owasp-training-days-2026-162538/

In 2026, AI chatbots are no longer just "nice-to-have" features, they are the primary interface for our customers and global workforces. But as we scale, the stakes have shifted. It’s no longer just about "can we build it?" but "how do we govern it responsibly?" Let me guide you through AI Ethics & Governance specifically for those of you in the trenches of product development. We’re moving beyond compliance as a "chore" and reframing it as a competitive advantage. From implementing frameworks like NIST, through compliance with the EU AI Act, to mitigating bias, we explore how Product Owners, Product Managers, and Software Engineers can build "Trustworthy AI" that scales. Don’t let ethics be an afterthought, make it your product’s superpower. Let’s lead the era of building AI that isn't just smart, but right. Agenda --- Speakers Khrystyna Shparyk - GitProtect.io (Partnership & Alliances Manager) Being a Partner manager and Atlassian Community Leader based in Kyiv I am deeply passionate about building strong, collaborative partnerships within the Atlassian ecosystem. In my role, I manage relationships with a diverse range of Atlassian partners—including Solution Partners, Technology Partners, and Marketplace Vendors—helping to foster growth and innovation in the Atlassian community. Derek Vaughan Hosted By Stuart Capel, Head of Technical Delivery Head of Technical Delivery at TiPJAR / Atlassian Community Leader / PMP Jay O., Service Desk Manager Bruce Cullen, Director of Products I am Director of Products and Community at Rimo3, driving product & marketing strategy and go to market for our Workspace360 suite of tools making endpoint management a breeze. In past lives I have been a Director of Products building dashboarding software, x2 founder of companies in integrations and reporting and before then I worked as a delivery manager, running multiple projects in parallel and delivering software projects in teams of up to 500 engineers spanning the globe Abigail Adewoyin, Technical Application Specialist --- Global Partner Atlassian (http://atlassian.com) Millions of users globally rely on Atlassian products every day for improving software development, project management, collaboration, and code quality. For over a decade, Atlassian customers have come together to network, share ideas, solve problems, and find new ways to use Atlassian products. Today, more than 15,000 people take part in Atlassian community events in more than 30 countries. --- Complete your event RSVP here: https://ace.atlassian.com/events/details/atlassian-london-presents-youre-in-the-cloud-but-is-your-jira-amp-bitbucket-data-really-safe/.

Join us **the night before Elastic{ON} London** for an exclusive meetup, a perfect warm-up to the big day ahead! This is your chance to connect with the Elastic community, mingle with fellow attendees, and get energized for a full day of presentations at Elastic{ON} London. Don’t miss out! Register for the meetup and make sure you’ve also signed up for [Elastic{ON} London](https://www.elastic.co/events/elasticon/london) as well to experience a full day of learning and networking! **Date and Time:** Wednesday, February 25, from 6:00-8:30 PM **Location:** Davidson Building Address: 1st floor, 5 Southampton St, London WC2E 7HA Note: please use Exeter St entrance as the main entrance is closed after 6pm **Agenda:** * 6:00 pm: Doors open; say hi and eat some food * 6:30 pm: #Talk 1 - Re-thinking significant term discovery Mark Harwood - Ex-Elastic Core Developer and Lucene committer * 7:00 pm: Q&A * 7:10 pm: #Talk 2 - From Specs to Play: How I Built a Generative AI Game with Elastic + Microsoft AI Mike Richter - Principal Partner Solution Architect at Microsoft * 7:30 pm: Q&A * 7:40 pm: Networking and event wrap-up * 8:30 pm: Event close If you’re a long-time Elastic user or just starting your journey, this is the perfect opportunity to share ideas, meet new people, and get inspired. Invite your friends and RSVP on this page! **⚡️ Interested in giving a talk? ⚡️** Have you ever considered presenting on your Elastic use case? We welcome 5-10 minute lightning talks, 45-minute deep dives, and everything in between. If you're interested, please submit via our [CFP](https://sessionize.com/elastic-meetups/) or send us an email at [meetups@elastic.co.](http://meetups@elastic.co./)

Ready to **level up your AppSec skills?** Join us at **London OWASP Training Days 2026** — a dedicated hands‑on training experience designed by and for the global application security community! From **1‑day intensive skill builders** to **multi‑day deep dives**, our curated training lineup helps security pros, developers, and architects build practical expertise you can apply immediately. **Hands‑On Security Courses:** • API Security Fundamentals - secure modern APIs with real world exercises • Security Champions Program - build security culture from within • Privacy Engineering in the Age of AI - integrate privacy by design • AppSec Program - integrate OWASP SAMM rather than relying on tooling • AI Threat Modeling - next‑generation risk thinking • Web App Security Essentials - foundational defensive & offensive skills • Mobile & IoT App Hacking - real lab hands-on practice led by experts • Pentesting / OffSec - full-stack, lifetime lab access Whether you’re starting your AppSec journey or mastering advanced techniques, our expert trainers offer practical, interactive sessions that go beyond theory - so you can protect software with confidence. **King’s College London** \| Feb 25 \- 27\, 2026 Secure your seat: https://owasp.glueup.com/event/london-owasp-training-days-2026-162538/

Ready to **level up your AppSec skills?** Join us at **London OWASP Training Days 2026** — a dedicated hands‑on training experience designed by and for the global application security community! From **1‑day intensive skill builders** to **multi‑day deep dives**, our curated training lineup helps security pros, developers, and architects build practical expertise you can apply immediately. **Hands‑On Security Courses:** • API Security Fundamentals - secure modern APIs with real world exercises • Security Champions Program - build security culture from within • Privacy Engineering in the Age of AI - integrate privacy by design • AppSec Program - integrate OWASP SAMM rather than relying on tooling • AI Threat Modeling - next‑generation risk thinking • Web App Security Essentials - foundational defensive & offensive skills • Mobile & IoT App Hacking - real lab hands-on practice led by experts • Pentesting / OffSec - full-stack, lifetime lab access Whether you’re starting your AppSec journey or mastering advanced techniques, our expert trainers offer practical, interactive sessions that go beyond theory - so you can protect software with confidence. **King’s College London** \| Feb 25 \- 27\, 2026 Secure your seat: https://owasp.glueup.com/event/london-owasp-training-days-2026-162538/

This is a mega link-up with two of my favourite London based companies - we're absolutely buzzing to have them supporting London.JS. So without further ado, join us, **London.JS,** on **Wednesday 25th February** from **6pm-8.30pm** in partnership with **[Tessl](https://tessl.io/)** & **[incident.io](https://incident.io/)** (this is their 3rd event with us)**.** Register now to avoid disappointment as London.JS access is limited and spaces always fill up fast! Doors open at 6:00pm Talks start at 6:30pm Ends / head to the pub at 8.30pm ish Address - 210 Pentonville Rd, London N1 9JY Map - [https://share.google/yxUCiPc7fx7wwIxwA](https://share.google/yxUCiPc7fx7wwIxwA) **Our** **February Talks** **Sahil Deshmukh -** \*Member of Technical Staff, Tessl - "\*I’ve Stopped Hand Writing Code! (And I'm not the only one)" Writing features entirely by hand is becoming rare. Teams are shipping faster than ever - 400 PRs in two weeks for team Tessl - while breaking production less. This isn’t just AI magic. It’s the result of restructuring how work gets done. This talk breaks down a practical, AI-native workflow - using AI as a development multiplier, not a replacement - and the systems that keep speed from turning into chaos. It tackles the hard questions: trusting code you didn’t write, debugging AI-generated changes, and choosing the right trade-offs at an early-stage startup. You’ll leave with practical, battle-tested patterns you can adapt to your own setup. **Merlin Mason -** *Product Engineer, incident -*"Building a modern post-mortem writing experience" An exploration of post-mortems in incident response - and how we built a rich text editor to create an exceptional writing experience. **Gillian Yeomans -** *Product Engineer, Granola -* "Teaching My Computer to Be Helpful (And Occasionally Weird)" OpenClaw is an open-source agent that's caught the headlines - find out how I use it at home and at work, and whether it lives up to the hype. I'll cover the setup, the safety config, and a range of use cases from the practical (research, holiday booking) to the questionable (unsolicited poetry to friends). Delegating to a computer turns out to be a good way to learn what delegation actually requires. **Our Hosts** **[Tessl](https://tessl.io/)** is the package manager for AI agent skills, helping developers discover, version, test, and continuously improve high-quality agent context. **Our Sponsor** **[incident.io](http://incident.io)** is the single place you turn to when things go wrong - trusted by 1,000+ companies like OpenAI, Lovable, and Netflix. We help engineering teams respond to and learn from incidents, minimise downtime, and focus on solving the problems that matter. Come to **London.JS** & learn more about the changing face of JavaScript across all industry landscapes. We're a very inclusive meet-up representing a diverse community of awesome engineers About the **London.JS** organisers... **James McLeod**, Open Source Program Lead, NatWest Group [https://www.linkedin.com/in/jamesmcleod/](https://www.linkedin.com/in/jamesmcleod/) **Jordan Potts**, Head of Contract, Albany Growth [https://www.linkedin.com/in/jordan-potts-albany/](https://www.linkedin.com/in/jordan-potts-sr2/) **Will Laing**, Co-Founder, Plan:it [https://www.linkedin.com/in/willhlaing/](https://www.linkedin.com/in/willhlaing/) [https://weareplanit.com/](www.weareplanit.com) * **Refreshments**\* A variety of food & drink will be served. We will endeavour to cater for allergies & dietary requirements. This won't just be pizza & beer either... ***Things to note*** * A desire to explore JavaScript from different points of view is absolutely recommended * Feel free to bring your JS projects along * All engineering levels are welcome * Please RSVP to secure a place * Please ask plus 1's to sign up to the group & RSVP * Spaces are limited so techies will get priority \-\-\-\-\-\-\-\-\-\-\- • Code of conduct: [http://confcodeofconduct.com](https://confcodeofconduct.com/) \-\-\-\-\-\-\-\-\-\-\-

Join us on February 25th for talks from engineers at **Nebius, Fireworks AI,** **Together AI** and **Cerebras** \- four companies working on distinct approaches to AI infrastructure\, from cloud\-native training platforms to custom silicon\. Topics: * **Nebius** \- Tips and tricks for Training High\-Performance Speculators by Filipp Fisin * **Fireworks AI** \- LLM evaluations and closing the benchmark\-to\-production gap by Shaunak Godbole * **Cerebras -** Technology underpinning the fastest inference by Dmitry Gaynullin * **Together AI** \- Road to 5M Sequence Length: Breaking Memory Barriers in Context Parallelism by Max Ryabinin If you’d like to give a talk or become a partner for one of the upcoming meetups, message [https://www.linkedin.com/in/fedorshabashev/](https://www.linkedin.com/in/fedorshabashev/) or [https://www.linkedin.com/in/kirzharov/](https://www.linkedin.com/in/kirzharov/) In the meantime, you can watch the previously recorded talks: [https://youtube.com/@londonpytorchmeetup](https://youtube.com/@londonpytorchmeetup) Please subscribe to our channel! ❤️

Hey everyone, We’re back with a new identity—but the same mission: helping builders create trustworthy AI-powered applications. Our agenda is now final for our next meetup on Feb 26th. Don't forget to **RSVP now.** If you’d like to get on stage and deliver a talk at one of our next editions, just reach out—we’d love to hear from you. **“Securing Vibe Coding: Addressing the Security Challenges of AI-Generated Code”** As AI coding tools become embedded in daily development, they bring both a new wave of productivity and new security risks. In this session, Sonya will break down the security implications of Vibe Coding and share actionable strategies to secure AI-generated code at scale. **Speaker – Sonya Moisset - Snyk** Sonya is a Staff Security Advocate and a lifelong traveler who lived in the Middle-East, North Africa and East Asia. She’s passionate about Cybersecurity, DevSecOps and AI. She’s part of the OpenUK Security Advisory Board, an OpenUK ambassador and 2x OpenUK Honoree, 5x Github Star, 6x Top contributor for freeCodeCamp, TryHackMe room creator, 3x CyberGirls fellowship mentor, ambassador for Girlcode, and 2022 TechWomen100. Sonya is a DevSecOps/AI Security Advocate, an international public speaker, a tech advocate and mentor. Her motto is #GetSecure, #BeSecure & #StaySecure. **“The challenges of LLM created code, and creating tools for LLMs”** Where our speaker will describe many of the challenges this causes, and what \*you\* can do about it **Speaker – Richard Tweed - Tessl** Richard is a Member of Technical Staff at Tessl, focusing on Security and Infrastructure. He's using and misusing LLM agents to better secure them and the products containing them

**Please RSVP to attend this event here:** **[https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431](https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431)** **PLEASE NOTE - YOU MUST REGISTER on EVENTBRITE: [https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431](https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431)** **This event is kindly sponsored by Curity.** **Raffle prizes are kindly sponsored by Curity and Fortbridge.** **There is limited seating available for in-person attendees. Registration required.** **This event will also be live-streamed on YouTube.** **Recordings will be available on the [OWASP London YouTube channel](https://www.youtube.com/OWASPLondon)** **TALKS:** **OWASP Introduction, Welcome and News** \- Sam Stepanyan\, Andra Lezza\, Sherif Mansour \- OWASP London Chapter Leaders **"North Korea: The Great Recruitment Firewall"** **\- Mariya Hristova** North Korean spies are lurking everywhere, but especially in the hiring pipeline. Disguised as the perfect candidate to try and snag a position in a company where they can espionage away! Recruitment is the first point of contact for all candidates so in this talk I will go over how I recognise fraudulent candidates without descending into unfounded bias. I’ll go over some recent examples and give some practical guidance of what you can do if you are not sure that the person opposite you is who they say they are. **"Vesta Admin Takeover - Exploiting reduced seed entropy in bash $RANDOM" - Adrian Tiron** Vesta is a lightweight, web-based control panel that simplifies Linux server management, appealing to users seeking an intuitive alternative to traditional platforms like cPanel and Plesk. This presentation will examine a critical flaw in Vesta: an admin takeover exploit resulting from reduced seed entropy in the Bash $RANDOM variable. By transforming what was once a theoretical attack into a practical one, we successfully reduced the brute force domain of the seed by over 98%. This allows attackers to generate predictable random values, compromising the security of passwords and tokens. We will discuss the implications of this vulnerability and highlight best practices for enhancing server security in real-world applications. **"Securing AI Agents: Identity Strategies for Safe API Access"** **\- Gary Archer** As organizations adopt AI-driven tools and workflows, new security challenges arise around how AI agents securely access APIs. In this session, Gary explores how best practices for connecting AI agents to APIs are evolving, and outlines the essential identity and security building blocks organizations should put in place for the emerging AI era. The talk focuses on architectural principles and patterns rather than specific vendors or products. **SPEAKERS:** **Mariya Hristova** A People and Talent Leader who has been building tech teams across large orgs and startups for 10 years. An enthusiastic amateur in all things tech, but with a personal crusade to help improve UX and UI in open source tools. If we want to usher in the year of the penguin, we have to pay attention to that stuff! In my spare time I like to break HR Tech or volunteer my time and knowledge to help companies and candidates/employees meet each other in right way. **Adrian Tiron** Adrian Tiron is a Co-Founder & Principal Pentester/Red Teamer at FORTBRIDGE with 20 years of experience in cybersecurity. He has a proven track record of success working with top companies in the UK, US, and Europe. As a dedicated researcher and blog author, Adrian has uncovered multiple critical vulnerabilities in open-source and commercial software, contributing significantly to improving online security. **Gary Archer** Gary Archer is a Product Marketing Engineer at Curity with over 20 years’ experience as a lead developer and architect delivering investment banking solutions. His work includes leading OAuth-based migrations, designing distributed security architectures, and supporting complex business systems. At Curity, Gary focuses on teaching end-to-end security flows across web, mobile, and API environments, helping teams understand both the benefits and learning curve of modern identity architectures. **RAFFLE - win a prize (or two!) kindly donated by our sponsors!** **RAFFLE PRIZES:** **1\. NINTENDO SWITCH2 GAMING CONSOLE** **2\. FLIPPER ZERO** **TICKETS:** OWASP meetups are free and open to anyone interested in application security. Please note that you MUST REGISTER book your place to be admitted to the event by the building security. Your name will be checked against the guest list. **REGISTER HERE:** [https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431](https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431) **CODE OF CONDUCT:** We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: [https://owasp.org/www-policy/operational/code-of-conduct](https://owasp.org/www-policy/operational/code-of-conduct) **PHOTOGRAPHY** Please note that OWASP events are open to the public, and OWASP does not restrict attendees (including OWASP staff, volunteers, sponsors, and media) from taking photos or videos at our events. The talks will be video recorded. By attending OWASP events, you acknowledge that you are in a public space and that attendees (including OWASP staff, volunteers, sponsors, and media) may capture your image in photos and videos. Nevertheless, OWASP encourages event attendees to exercise common sense and good judgment and respect the wishes of other attendees who do not wish to be photographed at the Events. **SPONSORS** This event is kindly sponsored by [Curity.io](https://curity.io) and kindly hosted by [Civo Tech Junction](https://www.civo.com/tech-junction). Additional Raffle prize sponsored by [Fortbridge](https://fortbridge.co.uk) **REGISTER TO HERE:** [https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431](https://www.eventbrite.co.uk/e/owasp-london-chapter-meetup-tickets-1982398885431)

## DevOps Society Meetup with EDF **Location:** EDF UK, Nova North, 11 Bressenden Place London, SW1E 5BY **Time:** Doors open at 6PM **Drinks, snacks, talks, and networking.** We’re excited to invite you to our first in-person **DevOps Society Meetup** of 2026, proudly **sponsored by EDF**. This event brings together the DevOps, SRE, and cloud engineering community for an evening of honest conversations, real-world lessons, and networking with people who’ve actually done the work. A huge thank you to **EDF** for sponsoring the event and for providing the venue, refreshments, and support for our community. *** ## ️ Format of the Meetup: 6:00pm – 6:30pm — Networking on arrival, with food and drinks provided by EDF 6:30pm – 7:10pm — First speaker + Q&A 7:10pm – 7:20pm — Break for refreshments and networking 7:20pm – 8:00pm — Second speaker + Q&A 8:00pm onwards — More networking at the venue, then at a nearby pub. *Timings can vary slightly depending on Q&A.* *** We’re delighted to welcome **two fantastic speakers** to this EDF-hosted DevOps Society meetup. *** ## SPEAKER 1 – Steve Bowerman **Principal Software Engineer, EDF** ### Bio Steve is a technologist and thought leader with **25 years in the industry**, including **20 years in the utilities sector**, spanning startups through to large, established enterprises. Since stepping into the role of **Principal Software Engineer at EDF**, Steve has played a key role in reviewing and overhauling EDF’s approach to software engineering - bringing critical capabilities in-house and aligning teams with modern **DevOps and SRE principles**. His work focuses on long-term, sustainable transformation rather than tooling churn, helping large organisations evolve how they build, operate, and scale software. *** ### Talk Title **Rebooting the Enterprise: The DevOps Way** ### Talk Intro Building a DevOps mindset in a startup is relatively easy - it’s often the default DNA of modern engineering teams. Doing the same in a **large enterprise** is a very different challenge. In this talk, Steve will take you through **five years of transformation in 15 minutes**. He’ll share how EDF approached enterprise DevOps adoption, where things failed (and why), what ultimately worked, and the lessons learned along the way. Spoiler: **technology was the least difficult part**. This session is ideal for engineers, platform teams, and leaders working in complex organisations who want a realistic view of what enterprise DevOps transformation actually looks like. *** ## SPEAKER 2 – Matteo Emili **Director of Software Engineering, Avanade** **Bio** Matteo Emili is a Director of Software Engineering at Avanade UK and Ireland, leading the talent in Software Engineering and always looking at new ways of applying technology to solve business problems. He is a passionate Agile advocate and a technologist at heart, a Cloud Architect who is always driven by using technology as a vehicle for change and continuous improvement. A Microsoft MVP since 2010 (currently in the Azure DevOps and GitHub category), he enjoys sharing back as much as he can with the worldwide technical communities – especially within Agile and DevOps. He has founded several User Groups around Europe and he is a regular speaker at meetups and conferences. ### Talk Title **From Vibe Coding to Agentic Engineering: A Step-by-Step Guide** ### Talk Bio AI-augmented software development is evolving. What started as *“vibe coding”* \- intuition\-driven\, creative experimentation with AI \- is now moving toward **agentic engineering**, a more governed and intentional approach where AI agents actively collaborate with developers while enforcing best practices and organisational standards. In this session, Matteo explores how teams can transition from unstructured AI experimentation to **agentic workflows** that balance creativity with accountability. You’ll learn how agentic engineering enables: * Faster development without sacrificing quality * Built-in governance and standards * AI collaboration that scales across teams * A practical path from experimentation to production-ready AI-assisted engineering This talk offers a clear, pragmatic view of how AI will reshape software engineering in the years ahead - and how teams can adopt it responsibly. *** Please **RSVP to secure your spot**. Spaces are limited and available on a **first-come, first-served** basis. We’re really looking forward to getting the community back together again for our first event of 2026. [Our slack community](https://join.slack.com/t/devopssociety/shared_invite/zt-3mswuylw7-MhJg1IZ70rX_GpJTluG2Cw) \- join in and introduce yourself\! [Our Youtube Channel ](https://www.youtube.com/@DevOpsSociety)for regular podcasts with DevOps professionals + more DevOps content. [Website](https://thedevopsociety.com/) [To partner with us](https://thedevopsociety.com/partnerships) EDF website - https://www.edfenergy.com/ Thanks! From the DevOps Society team [Ben](https://www.linkedin.com/in/benwhitmarsh/) and [Vytas](https://www.linkedin.com/in/vytasdevops/)

**Please register on [Eventbrite](https://www.eventbrite.co.uk/e/ljc-meetup-at-capital-one-tickets-1981939102207) to join this event.** **About this event** LJC Meet-ups is a new series of events, aimed at giving all Community members an opportunity to present at an LJC event. Join us on 26th February 2026 for a London Java Community meetup hosted at Capital One. This event brings together practitioners exploring what it means to build modern, cloud‑native platforms and work effectively with AI‑powered development tools. As cloud adoption matures and AI coding agents become embedded in engineering workflows, this evening focuses on two critical themes: architecting for cloud‑native efficiency and leveraging AI agents more effectively in real‑world development. **Talk 1 – Tom Clifford‑Clarke, Lead Software Development Engineer at Capital One** *Keeping our heads in the cloud, using AI agents on the ground* Many organisations operate entirely in the cloud — but far fewer are truly cloud‑native. As architectures evolve and AI becomes a core concern, the gap between “running in the cloud” and “optimising for it” becomes increasingly costly. Tom explores why robust architectural patterns and standards are non‑negotiable today. Drawing on Capital One’s journey, he’ll cover practical approaches to Event‑Driven Architecture, serverless adoption, and service cataloguing strategies that unlock scalability, efficiency, and AI readiness — while improving the developer experience. **Talk 2 – Steve Poole, Community Director at LJC** *AI-Assisted Development and the New Risk Surface* AI-assisted coding is now a standard part of development. It accelerates delivery and reduces friction, but it also changes how risk enters our codebases. AI models replicate patterns at scale, including insecure defaults, outdated practices, and subtle flaws. In some cases, attackers can influence public training data or open-source projects, allowing weaknesses to spread quietly through tools and libraries developers trust. This talk looks at how AI-generated code fits into the modern software supply chain, and how speed, automation, and trust can be exploited. We'll examine how vulnerabilities slip past reviews, why unvetted AI output can bypass safeguards, and what these failures look like in real systems. With real-world examples, we'll focus on practical ways to review, test, and integrate AI-generated code responsibly. Strengthening your workflow instead of undermining it. AI isn't the problem. Unexamined automation is. The goal is not fear, but sharper judgment about when AI is helping, and when it needs a closer look. **Speaker Bios** **Tom Clifford‑Clarke** Lead Software Development Engineer at Capital One. Tom’s background spans large‑scale corporate software, end‑user products, and custom delivery tooling. He now focuses on cloud productivity engineering — improving developer experience and enabling teams to build high‑quality software at a sustainable pace. LinkedIn: [https://www.linkedin.com/in/tbc2/](https://www.linkedin.com/in/tbc2/) **Steve Poole** Community Director for the London Java Community. Steve is a Developer Advocate, DevOps practitioner and a long time Java developer, leader and evangelist. He’s been working on Java SDKs and JVMs since Java was less than one year old. Linkedin: [https://www.linkedin.com/in/noregressions/](https://www.linkedin.com/in/noregressions/) Huge thanks to our friends at **Capital One** for sponsoring this event and supporting our Community. This event is organised by RecWorks on behalf of the London Java Community. The London Java Community is sponsored by Hazelcast, Neo4j, Redis, and Discover

Join us for a new Guix Social in-person meetup. Plenty of Guix, Guile, and Free Software hacking and chit-chat. ISN'T THIS EXCITING?!?! :) Bring your own device if you fancy demoing something or for some hands-on hacking. Other than that, we aren't planning any talk, only a friendly get-together in front of a drink. **Venue** Reckon Digital 20 Farringdon Street London EC4A 4AB Please RSVP by 3pm on the day, as attendees' names will have to be communicated to the building's reception by that time. **Code of conduct** We, Guix Social's organisers, intend to create an open, friendly, and safe environment where people from the most diverse backgrounds can get together, learn about, teach, and discuss Guix and related topics in a welcoming and constructive way. To this end, Guix Social adheres to the Guix project's official [Code of Conduct](https://git.savannah.gnu.org/cgit/guix.git/tree/CODE-OF-CONDUCT). Please make sure you're familiar with the document and that you share its principles, before attending our events. Should you - at any time before, during, or after one of our events - want to raise an issue or discuss any CoC-related topic, please do not hesitate to reach out to the organisers at the contacts below. \- Arun Isaac\, arunisaac@systemreboot\.net \- Fabio Natali\, me@fabionatali\.com \- Steve George\, steve@futurile\.net **About** Guix Social has no official ties with the Guix project. We commit to promote the project and to always operate with the best intentions; any mistake that we might make is due to us, Guix Social, not the Guix project.

**Kindly note that this is a paid event and the average number of attendees for our events is 60-70 people. You can register on [https://www.eventbrite.co.uk/e/wealth-connector-exclusive-networking-for-investors-founders-hnwis-tickets-1982301793025?aff=meetup](https://www.eventbrite.co.uk/e/wealth-connector-exclusive-networking-for-investors-founders-hnwis-tickets-1982301793025?aff=meetup)** Wealth Connector® is an exclusive networking experience connecting investors, founders, HNWIs through meaningful, high-value conversations Join us at **2 Chesham** for the 24th edition of **Wealth Connector®** Connect with **investors, wealth managers, entrepreneurs, founders, senior executives, HNWIs, and growth-focused professionals** in a premium, collaborative environment designed to spark meaningful opportunities. At **Wealth Connector®**, we bring together those who have created wealth, those looking to preserve it, and experts providing wealth-building and wealth-protection strategies. This unique mix of **experience, ambition, and expertise** ensures conversations are insightful, organic, and impactful — with **no sales pressure**. **What to Expect:** ✔ Warm introductions & meaningful conversations ✔ A community that genuinely supports each other’s success ✔ Premium London venue at 2 Chesham, blending sophistication & professional elegance ️ ✔ Opportunities to explore partnerships, investment strategies, and wealth creation/preservation ✔ Build trusted relationships with high-calibre professionals in **finance, investment, business strategy, and entrepreneurship** **Who Attends:** • Investors & HNW professionals • Wealth & financial advisors • Entrepreneurs & founders • Senior executives & directors • Business strategists & deal-makers Whether you’re expanding your portfolio, seeking strategic collaborations, or building your circle of trusted peers, **Wealth Connector®** gives you direct access to one of London’s most opportunity-rich networks. **Event Agenda:** The evening at **2 Chesham** begins at 16.30 **️ Tickets:** Early bird tickets are limited — secure your place now and join one of London’s most **exclusive, high-value business networking events**. * [United Kingdom Events](https://www.eventbrite.co.uk/d/united-kingdom/events/) * [Greater London Events](https://www.eventbrite.co.uk/d/united-kingdom--greater-london/events/) * [Things to do in London](https://www.eventbrite.co.uk/ttd/united-kingdom--london/) * [London Networking](https://www.eventbrite.co.uk/d/united-kingdom--london/networking/) * [London Business Networking](https://www.eventbrite.co.uk/d/united-kingdom--london/business--networking/) * [#business](https://www.eventbrite.co.uk/d/united-kingdom--london/%23business/) * [#startup](https://www.eventbrite.co.uk/d/united-kingdom--london/%23startup/) * [#entrepreneur](https://www.eventbrite.co.uk/d/united-kingdom--london/%23entrepreneur/) * [#networkingevent](https://www.eventbrite.co.uk/d/united-kingdom--london/%23networkingevent/) * [#london](https://www.eventbrite.co.uk/d/united-kingdom--london/%23london/) * [#businessnetworking](https://www.eventbrite.co.uk/d/united-kingdom--london/%23businessnetworking/) * [#december](https://www.eventbrite.co.uk/d/united-kingdom--london/%23december/) * [#business_growth](https://www.eventbrite.co.uk/d/united-kingdom--london/%23business_growth/) * [#business_professional](https://www.eventbrite.co.uk/d/united-kingdom--london/%23business_professional/) * [#londonconnector](https://www.eventbrite.co.uk/d/united-kingdom--london/%23londonconnector/)

**Be part of the next Londroid event on Thursday, 26th February 2026, hosted by Vonage.** Spend the evening enjoying Android talks, conversation and community. Expect engaging sessions, the chance to meet others working in Android, and an opportunity to speak with the Vonage team. After the event, we’ll head to **The Fox** for post-event drinks and further conversation. **Tickets:** We have 100 tickets available. Don’t miss out. Follow us on Twitter and LinkedIn for updates. **Schedule:** 18:00 – Doors open & registration 18:30 – Welcome from Londroid and Vonage 18:45 – Zachary Powell - *Beyond the Smartphone: Android’s Identity Crisis in 2026* 19:30 – Nicola Corti – *What I Learned from Publishing Libraries to Maven Central for 10 Years* 20:15 – Q&A and socialising 20:30 – Drinks at The Fox **Our Hosts and Sponsors** **Vonage** Vonage is a cloud communications platform that enables developers to integrate voice, video, and messaging into their applications using communication and network APIs. Whether you’re building video calls, creating a chatbot, or working with programmable phone numbers, Vonage provides the tools to make it happen **Novoda** Novoda is a digital product agency dedicated to building high-quality software. Their team of engineers helps companies scale, modernise and improve their development practices to deliver exceptional digital experiences. Join us for an evening of learning, collaboration and community. We look forward to seeing you there.

Want to be a speaker? submit your talk to our Call for Presenters!!! https://sessionize.com/cbus-hug-2026/

**Important time note:** Please plan on arriving between 5:30 and 6:00 as the elevators lock after 6 and you'll need to message us and we'll need to come get you. The building address is 4450 Bridge Park The entrance is 6620 Mooney St, Suite 400 You will need to scan your ID at the door to get a visitor badge. **Abstract** *Spec-Driven Development with GitHub Spec-Kit: From Intent to Implementation* Spec-driven development flips the traditional workflow on its head: instead of code being the source of truth, the specification becomes the backbone of design, collaboration, and delivery. In this session, we’ll explore how GitHub Spec-Kit enables teams to treat specifications as first-class artifacts—living documents that drive architecture, implementation, and verification. You’ll learn how Spec-Kit helps teams clearly express intent using structured, version-controlled specs that live alongside code. We’ll walk through a practical workflow that starts with defining system behavior and constraints, then progressively refines those specs into testable, automatable outcomes. Along the way, we’ll show how specs can reduce ambiguity, improve cross-functional collaboration, and make design decisions explicit before a single line of production code is written. This talk will cover: --What spec-driven development is (and what it isn’t) --How GitHub Spec-Kit fits into modern developer workflows --Using specs to align product, engineering, and AI-assisted development --Real-world examples of turning specs into implementations with confidence Whether you’re building greenfield systems, integrating AI into your stack, or trying to reduce costly rework, spec-driven development offers a scalable way to move faster without sacrificing clarity. Attendees will leave with concrete patterns and a clear mental model for adopting GitHub Spec-Kit in their own projects. **YouTube Link** TBA

**New Dojo Location!** **Draft Day Columbus** 1130 Dublin Road Columbus, OH 43215 We're going to try a new dojo location for a few weeks and see how it works Dojos are informal Python group study sessions where everyone interested in Python gathers to learn about Python, help others with Python, or just hang out. Everyone is welcome from Python beginners to experts. Bringing a laptop is encouraged (we'll have extension cords and power strips). If there's something you want to learn leave a comment on this invite so we can plan ahead. We're looking for topic suggestions and people interested in presenting at our monthly meetings. To this end we've set up a survey form at [https://docs.google.com/forms/d/15eBKF1nQQ2XS5gzD4rvhVRHMBEj7lJtHuA9wXupS3Uc](https://docs.google.com/forms/d/15eBKF1nQQ2XS5gzD4rvhVRHMBEj7lJtHuA9wXupS3Uc)

**Presenter:** Auri Rahimzadeh, Principal Software Architect, Momentum3 **Time:** Pizza at 6:00, Presentation Starts at 6:30pm Eastern **Location:** Theoris, 9000 Keystone Crossing, Suite 230, Indianapolis .NET 10 is here alongside a practically rewritten Visual Studio 2026. Learn about the new C# 14 features, VS2026 niceties, and more! Looking forward to seeing you there!

Come out to Improving for our monthly iOS and Mac meetings. This Month's Presentation: Nothing yet. (You should volunteer). What is Cocoaheads (http://cocoaheads.org/)? CocoaHeads is a group devoted to discussion of Apple Computer's Cocoa Framework for programming on MacOS X and iOS (including the iPhone, iPad and Apple Watch). During monthly meetings, members present on their projects and offer tutorials on various programming topics. What is BuckeyeCocoa (http://buckeyecocoa.org/)? BuckeyeCocoa is a group of Objective-C/Swift developers/enthusiasts. We host monthly Cocoaheads and near-weekly NSCoder meetings in Columbus, Ohio. The meetings are free to attend. Presentations! Presenters welcome! We are always in need of people willing to present material. Any Swift and/or Objective-C related topic is welcome. Times can be 5 minutes (i.e. lightning talks) to a maximum of 2 hours. Interested? Contact info is on the BuckeyeCocoa website. To volunteer for a presentation contact us at @BuckeyeCocoa on Twitter. Follow us on Twitter! @BuckeyeCocoa (https://twitter.com/#!/Buckeyecocoa/) For more information: http://buckeyecocoa.org/

Columbus Code & Coffee is an inclusive, informal co-working session. People of all skill levels attend, and we love it that way. Many people (optionally) bring projects to work on, and many other people (optionally) socialize the entire time. It's entirely up to you! **What to Expect at the Intro Circle** \~\~\~\~\~\~\~\~\~\~\~\~\~ Near the beginning of the event (1:30 pm), we do a standup: * Organizer announcements, updates, and logistics Round 1 - (7 secs max): * Your name * What you're working on * What you can help others with Round 2: * Community events you wanna plug. If none, that's cool too. Round 3: * Job opportunities you're hiring for OR announce that you are looking for one. If none, that's cool. After the introduction circle, everything is self-organized! Feel free to work alone, pair up, attend one of our workshops/presentations, or mingle!