š”ļø Head of Security Research @semgrep š Creator of tl;dr sec newsletter
NVIDIA's AI SOC analyst you can speak to, embracing TDD and detection as code, tips on how 2 ransomware
Google Project Zero's LLM-powered variant analysis, deobfuscating IAM polices and a real-time SCP error monitor, using LLMs to create secure by default Terraform modules
Practice your GCP and Azure security skills, scaling AppSec with LLMs, a curated list of awesome threat detection and hunting resources
Datadog's 2024 update, lots of resources on AI + security, VMware ESXi built-ins adversaries use
Simulate ransomware with KMS XKS + your key, Venator, a new OSS tool, new Caldera plugin to emulate complete, realistic cyber attack chains
Finding dangling DNS records and secrets at scale, new tool with 80+ attack techniques, NVIDIA's AI blueprint to auto-triage your container CVEs
Detailed CNAPP overview and Day 2 guide, o1 semi-escapes to solve a broken challenge, config tips & tricks for cloud control plane logs
Cloud-specific indicators of compromise, tools regularly used by Russian government threat actors, webinar on secure guardrails & building Netflix's Paved Road
Excellent scaling CloudSec resources, SANS + AWS white paper, two OSS benchmarks for measuring the offensive capabilities of AI models
LinkedIn's dynamic infra mapping system that streamlines vuln management, register any removed package name because #yolo, creating least privilege roles at scale