Survey of misconfigured and openly accessible k8s clusters, several SBOM resources, how Elastic uses Elastic for vulnerability management
Multi-cloud open source tool to deploy vulnerable-by-design cloud resources, fuzzing Kubernetes Admission Controllers, where you can get tl;dr sec swag at Hacker Summer Camp
Common techniques and attack vectors for both AI and SaaS apps, a deliberately vulnerable GHA CI/CD environment, tool to find authentication and authorization bugs in web apps
Google's whitepaper on how they approach AI red teaming, OWASP's cloud architecture security cheatsheet, ToB on static/dynamic analysis tooling
Spin up purposefully vulnerable Azure AD tenants, detailed examples of modern detection pipelines, new subscriber milestone!
How to secure product features that leverage AI, CISA's repo of example penetration testing findings, how to join Google's red team and other career resources
A Practitioner’s Guide to Consuming AI
CISA/NSA's guide on defending cloud CI/CD, backdooring NPM modules depending on binaries in S3, I'm collecting AI + cybersecurity resources
An overview of current applications of AI/ML to cybersecurity with relevant links and a vision of where things are headed.
In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning.
Interview questions across a variety of roles, several secret scanning tools, an autonomous pentesting tool using GPT-4
An offense-focused approach to AWS pentests, companies ended by cybersecurity breaches, OSS security tools leveraging LLMs
![[tl;dr sec] #195 - Kubernetes Exposed, SBOMs, Elastic's Vuln Management](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
