Liran Tal 


🌟 GitHub Star 2022
🏆 OpenJS Pathfinder award for Security 2022
🥑 DevRel at @snyksec
@NodeJS AppSec & OpenSource ❤️
O'Reilly author on Serverless JavaScript Security
Docker container security hero 🐳

Author of Node.js Security 👉 bit.ly/node-security
Author of Security Headers 👉 bit.ly/http-security

Interests:
#OpenSource #NodeJS #AppSec #JavaScript #Containers #Docker #SupplyChainSecurity #Snyk #OWASP #GitHub #DevSecOps #DevRel #CNCF #OpenSSF #OpenJSF

Website: https://lirantal.com
GitHub: https://github.com/lirantal
Twitter: https://twitter.com/liran_tal
Node.js Secure Coding: https://www.nodejs-security.com/

doing DevRel means you get to work on a lot of fun projects, building a telnet server in 2026 for RSA that is essentially a thin BBS to showcase Snyk AI Security platform has been one of those things :-)
spotted 👀

back in February when OpenClaw was getting exponential by the hour, I deep-dived into agent skills security research with the awesome AI security team at @snyksec

now I'm gonna share with you a bunch of these learnings and findings at Tessl's AI Native DevCon in London on June 1-2

who's coming??

y'all coming to AI Native DevCon in London https://tessl.io/devcon/?

would love to see ya there (June 1-2) and talk about agentic development security topics, I'm sure you have many questions! 😉

if you want to compare tokenization side-by-side to compare different texts check out: https://token-compare.pages.dev
Token Compare — Free LLM Token Counter & Comparator

Side-by-side token analysis for LLM prompt engineering. See exactly how your text gets tokenized by GPT-4 and ChatGPT. Free, instant, no signup.

ok seriously not sure why I waited so long before deploying static websites to Cloudflare...

actually super easy and nice DX
good job CF peeps!

frigging love open source devs
Cloudflare imagine the DX for wrangler CLI if you can help alleviate env vars resolution in smarter ways

another very nice catch by @QodoAI code review bot that prevented potential insecure guidance to an npm security best practices repository

the details matter!

what if you used npq to assess bad package health signals and vulnerabilities before you installed malware from npm...?

$ npq <package>

also works with

$ npq install <package>

which passes through to your package manager of choice to actually install after supply chain checks