Sparc Flow
@sparcFlow
H4cker, author of How to Hack Like a Pornstar http://amazon.com/dp/B01MTDLGQQ & How to Hack Like a Ghost http://amazon.com/dp/B08FH9SQNG https://sparcflow.substack.com
Content you might like
My new book Blitzscaling Security is now available. Dive into the mind of Alex, the first security engineer at a scale-up, & experience the brutal truth behind designing a security that protects and boosts the business The gloves are off with this one :) amazon.com/dp/B0C4LC4FDW
How many security « best practices » are inherited from Windows' weak architecture and wrongly extrapolated to other environments?
Forget npm supply-chain attacks. The next big thing is probably docs poisoning for LLMs.
How come Kindle still does not have an LLM-like assistant…this would be a game changing experience.
Maybe instead of another half-baked service with insane pricing, AWS could fix the giant SPOF that is us-east-1. Just a thought.
My only request for third-party vendors: SSO and decent audit logs in my SIEM. That’s it. Should be simple enough… right? right?
Laurie is correct. I had this vividly demonstrated to me in F-35 flight test. The flight sciences (read: no systems that makes it combat capable) test aircraft experienced problems with their flight test instrumentation systems: their instrumentation recorders, which were Linux…
It all comes down to queueing theory. Unfortunately, computers don’t degrade gracefully under load. 70% CPU is smooth sailing. 95% is a nightmare. Programmers (incorrectly) focus on the absolute value, when really they should be looking at the derivative.
Today I am happy to release a new blog post about Pointer Authentication (PAC) on Windows ARM64! This post takes a look at the Windows implementation of PAC in both user-mode and kernel-mode. I must say, I have REALLY been enjoying Windows on ARM!! preludesecurity.com/blog/windows-a…
Docker probably did more for Security than half of the “security products” out there.
If Security is known as the “no department,” it loses credibility and value to execs. Reframe every “can we” into “how can we,” and you go from hall monitor to business enabler. From buzzkill to visionary. That's how you make Security matter.
Security metrics are vanity dashboards: vuln counts, patch SLAs, compliance scores. You're grading paperwork. Measure attacker economics instead: minutes to first signal, time-to-contain, single-cred blast radius. If it doesn't change an op, drop it.
Bug bounties were supposed to bridge researchers and companies. Instead, low-effort mass submitters have turned them into inbox noise of "critical open redirect" reports.
Outsourcing your SOC = outsourcing your security. At that point, you’re just renting alerts, not owning defense.
Cybersecurity isn’t just about walls, it’s about funnels. Good hardening doesn’t block everything, it forces attackers down a path you control. That path should be full of traps.
People worry that chatgpt will replace search. There is a good to fair chance it replaces the whole Web. « Wire $100 from my Chase account to Sylvia » « Send an email to John » Etc. The internet will be the current brick and mortar. For old people that still remember the « good…
Shopify merchants will be able to sell directly in ChatGPT. We’ve been working with @OpenAI for quite some time so people can search and buy products in chat, and it’s something we’ve had a hard time keeping quiet. Rollout is coming very very soon.
In security, doing the work is hard. Proving you did the work to a skeptical auditor/regulator? 100x harder. That's why compliance devolves into checkboxes and process theater.
In a world of ever-smarter AI models, I don’t get MCPs. Why build & maintain two APIs when the model can read the docs and call the one you already have? The future belongs to smarter models, not more plumbing.
C makes it easy to shoot yourself in the foot. Assembly makes it hard to miss.
AWS tip: Use VPC Endpoints (vpce). ✅ Restrict IAM policies to your endpoint ✅ Spot attempts coming from outside your infra ✅ Save $$ on egress traffic Protection + detection + cost reduction.
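As an added illustration of the tip above (not from the original post), the first two points put into practice: a bucket policy that denies S3 access not arriving through a given VPC endpoint, and a check over constructed CloudTrail-style records that flags calls which bypassed that endpoint. `aws:SourceVpce` and CloudTrail's `vpcEndpointId` field are real; the endpoint id, bucket name and events are placeholders made up for the example.

```python
import json

# Constructed placeholders for this example, not real resources.
EXPECTED_VPCE = "vpce-0123456789abcdef0"
BUCKET = "example-internal-bucket"

# Bucket policy: explicit Deny for any S3 call that did not come through
# the expected VPC endpoint. aws:SourceVpce is a real IAM condition key.
BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "DenyAccessOutsideVpce",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:*",
        "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"],
        "Condition": {"StringNotEquals": {"aws:SourceVpce": EXPECTED_VPCE}},
    }],
}

# Constructed CloudTrail-style records (subset of real fields). CloudTrail sets
# vpcEndpointId on calls that traversed an endpoint; a call from the public
# internet carries no such field.
SAMPLE_EVENTS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "sourceIPAddress": "10.0.1.25", "vpcEndpointId": EXPECTED_VPCE,
     "requestParameters": {"bucketName": BUCKET}},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListObjects",
     "sourceIPAddress": "203.0.113.7",
     "requestParameters": {"bucketName": BUCKET}, "errorCode": "AccessDenied"},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutObject",
     "sourceIPAddress": "10.0.9.3", "vpcEndpointId": "vpce-0fedcba9876543210",
     "requestParameters": {"bucketName": BUCKET}},
    {"eventSource": "dynamodb.amazonaws.com", "eventName": "Scan",
     "sourceIPAddress": "203.0.113.7", "requestParameters": {}},
]


def flag_off_endpoint_calls(events, bucket=BUCKET, expected_vpce=EXPECTED_VPCE):
    """Return (eventName, sourceIP, vpcEndpointId) for S3 calls against
    `bucket` that did not arrive via `expected_vpce`. Denied attempts are
    still logged, which is exactly the signal worth alerting on."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "s3.amazonaws.com":
            continue
        if (ev.get("requestParameters") or {}).get("bucketName") != bucket:
            continue
        if ev.get("vpcEndpointId") != expected_vpce:
            findings.append((ev["eventName"], ev.get("sourceIPAddress"),
                             ev.get("vpcEndpointId")))
    return findings


if __name__ == "__main__":
    print(json.dumps(BUCKET_POLICY, indent=2))
    for f in flag_off_endpoint_calls(SAMPLE_EVENTS):
        print("off-endpoint S3 call:", f)
```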