Company
Date Published
Author: Dwayne McDaniel
Word count: 1463
Language: English
Hacker News points: None

Summary

OWASP AppSec Days France 2025 highlighted the intricate challenges and strategies in securing modern software delivery pipelines. Held in Paris, the event drew over 150 security practitioners, developers, and OWASP members who engaged in sessions addressing software supply chain vulnerabilities, the critical role of CI/CD as a new perimeter, and the potential of passkeys to replace traditional passwords. Keynote speakers like Roni Carta and François Proulx emphasized the importance of understanding the vulnerabilities in dependencies and CI pipelines, advocating for practices such as pinning exact versions, enforcing MFA, isolating caches, and treating pipelines like production systems. Daniel Garnier-Moiroux showcased the benefits of passkeys through live demonstrations, explaining how they can enhance security by tying key material to a domain and ensuring that credentials never leave local devices. Throughout the conference, the overarching message was the necessity of collaboration, communication, and adherence to best practices across teams to create a cohesive defense against security threats. The event underscored that effective security is not about isolated measures but about a shared culture of attention and coordination, akin to the organized rhythm of Parisian traffic in the absence of stop signs.