Archive

NewsletterNewsletter
[tl;dr sec] #265 - Google's Secure-by-Design Web Framework, AI-powered Phishing, How Palantir Secures Source Control

[tl;dr sec] #265 - Google's Secure-by-Design Web Framework, AI-powered Phishing, How Palantir Secures Source Control

How Google eliminates vuln classes, human expert-level AI spear phishing, how Palantir hardens their code writing process

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #264 - Applying AI to AppSec, Threat Modeling in AWS, Behavioral Cloud IOCs

[tl;dr sec] #264 - Applying AI to AppSec, Threat Modeling in AWS, Behavioral Cloud IOCs

How to autofix code and reduce noise, guide on creating infra diagrams and relevant threat modeling tools, identifying cloud TTPs and threat actors

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #263 - Tarpit for AI Crawlers, Google's OSS SCA Tool, Backdooring Backdoors

[tl;dr sec] #263 - Tarpit for AI Crawlers, Google's OSS SCA Tool, Backdooring Backdoors

Tool to sinkhole and misinform AI bots crawling your site, Google's new software composition analysis tool, hijacking backdoors in web shells at scale

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #262 - Red Teaming AI, AWS Org Policies Deep Dive, Anti-EDR Compendium

[tl;dr sec] #262 - Red Teaming AI, AWS Org Policies Deep Dive, Anti-EDR Compendium

Microsoft and OpenAI on red teaming AI, SCPs and Resource Control Policies in detail, how EDR works and how to bypass it

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #261 - Cloud Invariants, Cross-IdP impersonation, AI-powered Cloud Defense

[tl;dr sec] #261 - Cloud Invariants, Cross-IdP impersonation, AI-powered Cloud Defense

Protecting your Cloud Admin account, getting hacked via IdPs you don't even use, paper & tool about LLM-powered dynamic cloud defense

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #260 - Reddit's Self Hosted Code Scanning, Build an Offensive AI Agent, OpenSSF's Package Analysis

[tl;dr sec] #260 - Reddit's Self Hosted Code Scanning, Build an Offensive AI Agent, OpenSSF's Package Analysis

Reddit's flexible code scanner for any CLI tool, an agent that analyzes JS and tests routes, new tool to scan OSS packages

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #259 - What Sucks in Security, Supply Chain Firewall, AWS re:Invent Security Talks

[tl;dr sec] #259 - What Sucks in Security, Supply Chain Firewall, AWS re:Invent Security Talks

Insights from 50+ security leaders, OSS tool to protect devs from malicious dependencies, playlist of re:Invent's security talks

Clint Gibler
Clint Gibler
BlogBlog
What sucks in security? Research findings from 50+ security leaders

What sucks in security? Research findings from 50+ security leaders

A deep dive into what CISOs are actually complaining about

Maya Kaczorowski
Maya Kaczorowski
NewsletterNewsletter
[tl;dr sec] #258 - AI-powered Fuzzing and SAST, What Hackers know about your AWS Account, EDR Vulnerabilities

[tl;dr sec] #258 - AI-powered Fuzzing and SAST, What Hackers know about your AWS Account, EDR Vulnerabilities

Google's AI-powered fuzzing and augmenting SAST with AI, new OSINT/recon service for public AWS identifiers, finding EDR vulns with fuzzing

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #257 - Autonomous AI Hacking, Buying us-east-1, macOS Security

[tl;dr sec] #257 - Autonomous AI Hacking, Buying us-east-1, macOS Security

AI finds an authentication bypass, what happens when you buy an AWS region name domain, fuzzing macOS and sandbox escapes

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #256 - AI SOC Analyst, Detection Engineering, How to Ransomware in AWS

[tl;dr sec] #256 - AI SOC Analyst, Detection Engineering, How to Ransomware in AWS

NVIDIA's AI SOC analyst you can speak to, embracing TDD and detection as code, tips on how 2 ransomware

Clint Gibler
Clint Gibler
BlogBlog
Systems Thinking for Cybersecurity Professionals

Systems Thinking for Cybersecurity Professionals

Let's hit RESET!

Laksh Raghavan
Laksh Raghavan
FirstBack
12345678
Next Last