In today's reality, security engineers are the guards of products and its users. But who guards the guards? Based on real scenarios of supply chain attacks, we'll demonstrate the weakest points of the “Agile Security” paradigm and redefine Code of Conduct for Security Engineer.