The Type of AI Every Frontend Developer Should Refuse to Use (And Why)

Let me be blunt: 45% of AI-generated code contains security vulnerabilities. Not syntax errors. Not logic bugs. Real vulnerabilities, the kind that can compromise your app, your company, and your career. And here's what's scary: most developers don't even realize they're shipping them. Veracode's 2025 GenAI Security Report reveals shocking statistics: JavaScript has a 43% failure rate, with XSS vulnerabilities at 86% and Log Injection at 88%.

The problem isn't AI; it's blind trust. Too many frontend engineers treat AI tools like vending machines: prompt in, code out, deploy. It feels fast. It looks productive. But it's not progress; it's a security timebomb wrapped in efficiency metrics. AI doesn't understand data flow, trust boundaries, or attack vectors. It can't tell if a variable came from a user or a secure source. It just mimics patterns, secure or insecure. Researchers call this "vibe coding": shipping code that feels correct but hides silent security flaws.

Between 2023 and 2025, a new attack vector exploded: slopsquatting. AI "hallucinates" fake package names, attackers register them on npm, and thousands of projects get compromised.

Learn why critical thinking beats copy-pasting, how to review AI code like it's from a stranger, and why the most valuable developers in 2026 won't be the fastest; they'll be the ones who think before they trust.

Why UI Engineers Need to Understand Data—Even in Security-Heavy Domains

As UI engineers, we often focus on the essentials: design systems, component architecture, performance, and accessibility. But in domains where security and data are core to the product, stopping there simply isn't enough. I work at a company tackling one of the most complex challenges in cybersecurity: making sense of fragmented, siloed data. Our platform combines a Security Data Fabric with an AI-powered Exposure Management system. At first, I treated the data as just "input" for UI: tables, charts, graphs. But I realized something important: when the data is high-stakes, the interface becomes mission-critical. Understanding the nature, behavior, and intent behind the data made me a much better UI engineer.

In cybersecurity, trust is everything. Whether it's a SOC analyst, threat hunter, or CISO, they all rely on the UI to make quick, high-impact decisions. A misleading chart or unclear risk label can cause confusion or delay a critical response. Security data is volatile, inconsistent, and often ambiguous. Understanding its behavior over time makes us better at building UX that adapts, instead of assuming. You become the translator who turns raw threat and vulnerability data into clear, actionable visuals that lead to fast, accurate decision-making.

Great UIs don't expose complexity; they tame it. And to do that, you have to know what to hide, what to highlight, and when. If you understand the models, signals, and priorities, you're not "just the frontend dev." You're the bridge between insight and action, amplifying the power of the entire system by making it usable, understandable, and trustworthy.
