Consolidated list of interview questions for senior roles from many companies, an AI-copilot for pentesters, learn cloud security from free ~30min labs every week
Datadog's insights on the security posture of 1000's of orgs, a collection of breach reports with TTPs, how red teamers can abuse Slack
A collection of interesting AI tools, products, resources, papers, and more I’ve come across.
List of >100 security-focused GPT agents, join Chris Hughes and I's supply chain security webinar, Docker image with k8s pentesting tools
Rapidly ramp up your web security knowledge, new EKS CTF, big list of supply chain security resources
Security roles overview, skills required, and how to land them, how security teams can help devs ship faster, tool to scan GH Action files at scale
Make sure you're always the perfect candidate, repo with almost every CVE proof of concept, containers & seccomp deep dive
Threat hunting in AWS based on real attacker activity, tools to scan, monitor, or pilfer SSH, principles for user-centric security
Tool to steal CI/CD env secrets via deploying a malicious pipeline, proxy your traffic through a victim's browser, consulting 101, finding your moat, and Moxie's career advice
Tool to find attack paths in Kubernetes clusters, an overview of 20+ supply chain security vendors, Nextdoor's criteria for evaluating CSPMs
An analysis of over 20 supply chain security vendors, from securing source code access and CI/CD pipelines to SCA, malicious dependencies, container security, SBOMs, code provenance, and more
Tool to find ephemeral assets in cloud infra, Dropbox's LLM security scripts, post-exploitation techniques for Okta