Keep up with Cybersecurity in 7 min/week. Join >50,000 security professionals getting the best tools, talks, and resources right in their inbox for free.
Connect
A Practitioner’s Guide to Consuming AI
An overview of current applications of AI/ML to cybersecurity with relevant links and a vision of where things are headed.
2 Days | 4 Rooms | ~32 Hours of Talks
A threat-informed roadmap for securing Kubernetes clusters
A collection of interesting AI tools, products, resources, papers, and more I’ve come across.
A breakdown of what constitutes the software supply chain and how to secure each stage
Understanding & detecting the XZ Utils backdoor, CISA's repo of enriched CVEs, an example SOC 2 compliant GitHub CI/CD pipeline
My BSidesSF summaries and RSA announcement overview, custom GPT with CloudSec knowledge, Security Token Service GitHub App
New repo surveying prompt injection defenses, how OpenAI uses LLMs for internal security, insights on MS's honeypot infra
OpenAI's open sourced Slackbots, migrating to IMDSv2 at scale, a collection of offensive Kubernetes security techniques
A call to action, with practical advice
Tools to scan build piplines & remove short-lived tokens, study by Datadog, join Jason Chan and I on the origin of Netflix's Paved Road
How to negotiate your salary and Incident Responder q's, Jason Chan on the Paved Road, new repo of secure by default OSS libraries
The best XZ resources, I interviewed Mike Hanley on secure defaults & AI, SO-CON 2024 slides available
Google's zero trust lessons learned, threat modeling with HCL and LLMs, identifying cross-account IAM attack paths
Auto-fixing code with AI, an open source mapping of CloudTrail -> known incidents and ATT&CK, extensions for security auditors