- tl;dr sec
- Archive
- Page 12
Archive
![[tl;dr sec] #165 - Hunting for Malicious Persistence in the Cloud, GitHub Action Security, Dark Sides of Machine Learning](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
[tl;dr sec] #165 - Hunting for Malicious Persistence in the Cloud, GitHub Action Security, Dark Sides of Machine Learning
How to detect malicious persistence in AWS, GCP, and Azure, leaking GitHub Action secrets and improving OIDC security posture, will ChatGPT degrade communication online?
[tl;dr sec] #161 - ChatGPT, Scaling Vulnerability Management in Microservices, Supply Chain
Many varied examples of using ChatGPT, how Lyft precisely fixes OS and OS-package level vulnerabilities across ~1,000 services, Sigstore and dangerous subtleties in the GitHub download artifacts API.
[tl;dr sec] #162 - Meaningful Security Product Metrics, Vulnerability Inbox Zero, Joe Sullivan Trial Deep Dive
How to justify the value of your security team's investments and prioritize, how to build an Inbox Zero vulnerability management approach, Magoo's detailed blameless post-mortem of USA vs Joe Sullivan.
[tl;dr sec] #156 - Hipster History of CORS, Serverless Security Event Data Pipelines, Evaluating Container Attack Detection
Dev's hilarious and useful history of the Internet and browser security, new toolkit from Brex to easily normalize and enrich security event data, additional Kubernetes attack methods and evaluating Falco.