This post is written in a seminar-style format.
You can read it quietly, pause, reflect, and come back.
No rush. No performance.
Welcome
Hi, I’m Prasoon Jadon, a solo builder working on tools, open-source projects, and security awareness under Vyoma.
This article is part of VSAP — Vyoma Security Awareness Program.
The goal is simple:
Help developers stay secure while building publicly.
Why This Matters
As developers, we:
- Push code publicly
- Share progress online
- Build in open communities
This is powerful — but it also creates attack surfaces we often ignore.
Security is not paranoia.
Security is awareness.
1️⃣ Public Repositories Are Not Safe by Default
One of the most common mistakes I see:
Treating public repositories as harmless.
Never commit:
- API keys
- Tokens
.env files- Internal URLs
Even if you delete them later, history remains.
Habit to build:
Always assume your code will be read by strangers.
2️⃣ OSINT Works Both Ways
OSINT (Open-Source Intelligence) means:
Collecting information from publicly available sources.
Developers unknowingly leak:
- Email addresses
- GitHub activity patterns
- Tech stack details
- Location hints
If you can research companies using OSINT,
someone can research you the same way.
Question to reflect on:
What can someone learn about me in 10 minutes online?
Many developers ask:
“Which security tool should I use?”
The honest answer:
Tools help, but habits protect.
Core habits:
- Unique passwords
- Password managers
- Regular updates
- Minimal permissions
- Thinking before sharing
Most breaches happen due to human habits, not missing tools.
4️⃣ Building in Public ≠ Oversharing
Building in public is great.
Oversharing is risky.
You don’t need to share:
- Exact infrastructure details
- Internal logic
- Sensitive architecture diagrams
Rule of thumb:
Share learnings, not weaknesses.
5️⃣ Calm Security > Fear-Based Security
Security content often relies on fear.
VSAP focuses on:
- Awareness over panic
- Habits over hacks
- Calm learning
Security should empower you, not scare you.
Open Reflection
If this were a live text seminar, I’d ask:
- What security mistake taught you the most?
- What’s one habit you want to improve?
- What topic should the next session cover?
You can reflect privately or share in comments.
Closing Thoughts
This article is not about being perfect.
It’s about being a little more aware than yesterday.
I’m experimenting with:
- Text-based seminars
- Calm developer communities
- Community-first growth under Vyoma
If this style resonates, more sessions will follow.
Thanks for reading quietly
— Prasoon Jadon
Founder, Vyoma