Build safely with AI: Securing your agentic engineering

AI agents pull dependencies at machine speed. How can we make sure what they pull can actually be trusted?

rate limit

Code not recognized.

About this course

AI coding agents don't just suggest code anymore. They install packages, run scripts, configure environments, and deploy applications — all with your credentials, at speeds no security team can manually review. This course explains how that changes your threat model, introduces the four attack classes that bypass standard defenses, and gives you a practical framework for building software safely with AI: isolation and provenance. The hands-on final lesson is a walk-through demonstrating how to configure a secure, containerized development environment. The current implementation uses Claude Code, but you can use any tools that you want (Cursor, GitHub Copilot Agent, and others).

At the end of this course, you will be able to:

  • Explain how agentic development expands the software supply chain attack surface
  • Name and distinguish the four attack classes (CVEs, zero-days, malware, and greyware) that target the modern SDLC
  • Apply the two core principles of isolation and provenance to their development workflow
  • Configure a containerized dev environment using Chainguard Containers so that app dependencies don't run on the host machine
  • Migrate Python dependencies to Chainguard Libraries and verify coverage using chainctl

Curriculum

  • How AI coding agents expand your attack surface
  • Untitled Section
  • Software supply chain threats
  • Provenance over patching
  • Two principles for a safe AI-assisted SDLC
  • 🛠️ Hands-on lab
  • Secure AI-assisted development with sbomviz
  • Running our app
  • Put it to the test
  • Let's hallucinate!

About this course

AI coding agents don't just suggest code anymore. They install packages, run scripts, configure environments, and deploy applications — all with your credentials, at speeds no security team can manually review. This course explains how that changes your threat model, introduces the four attack classes that bypass standard defenses, and gives you a practical framework for building software safely with AI: isolation and provenance. The hands-on final lesson is a walk-through demonstrating how to configure a secure, containerized development environment. The current implementation uses Claude Code, but you can use any tools that you want (Cursor, GitHub Copilot Agent, and others).

At the end of this course, you will be able to:

  • Explain how agentic development expands the software supply chain attack surface
  • Name and distinguish the four attack classes (CVEs, zero-days, malware, and greyware) that target the modern SDLC
  • Apply the two core principles of isolation and provenance to their development workflow
  • Configure a containerized dev environment using Chainguard Containers so that app dependencies don't run on the host machine
  • Migrate Python dependencies to Chainguard Libraries and verify coverage using chainctl

Curriculum

  • How AI coding agents expand your attack surface
  • Untitled Section
  • Software supply chain threats
  • Provenance over patching
  • Two principles for a safe AI-assisted SDLC
  • 🛠️ Hands-on lab
  • Secure AI-assisted development with sbomviz
  • Running our app
  • Put it to the test
  • Let's hallucinate!