
[tl;dr sec] #279 - Security for High Velocity Engineering, Cloud Incident Readiness, AI-powered Malware Implants

How to build a Paved Road that improves dev productivity and security, what to do before/after a cloud breach, command & control (C2) that executes attacks using natural language

Hey there,

I hope you’ve been doing well!

I’m absolutely thrilled to share a new guest post from my friend Jason Chan.

Jason was the VP of InfoSec at Netflix for many years, and if you’ve ever heard of the “Paved Road” or secure-by-default approach, he and his team have been giving talks about it for over a decade.

If you want to build a highly effective security program that improves developer productivity AND security, read this.

The post covers:

  • Strategy: Aligning with developer experience, focusing on high leverage investments.

  • Execution: Understanding your environment and context, building a Paved Road, the two dimensions of a Paved Road (how wide / how smooth).

  • And more!

👉️ Read the post here 👈️ 

P.S. If you’re in the San Francisco Bay Area and want to watch the new Mission Impossible: The Final Reckoning movie before it’s publicly released, Semgrep is doing a free private screening on May 21st.

Sponsor

📣 You wrote the AI policy. Can you actually enforce it?

Security teams lack control over AI use because they can’t see what users are entering into prompts or where that data is going. They’re forced to rely on rigid “AI app” categories, even as AI spreads across the SaaS stack. 

And when they turn on DLP, it creates too much noise and too much friction for the user. 

There is a better way. Harmonic gives you real time visibility and control. It runs in the browser, understands context, and flags risky behavior to the user in real time. 

No noise. No guesswork. Just policy enforcement that actually works.

👉 Learn more 👈

I saw a demo of Harmonic recently and it was cool: get visibility into all the AI-enabled SaaS apps everyone at your company is using, easily block uploads of PII/sensitive IP in prompts or attachments, and more 👍️ Noice.

AppSec

10 Burp Extensions Tib3rius actually uses
A few of these I’d heard of, a few were new, love it. Lots of focus on AuthN/Authz. Including: Authentication Token Obtain and Replace (ATOR), SAML Raider, Extensibility Helper, Hunt Scanner, TokenJar, GAP, Server-Side Prototype Pollution Scanner, …

HTML to PDF Renderer: A tale of local file access and shellcode execution
Neodyme’s Alain Rödel describes how he discovered and exploited a vulnerability in an HTML to PDF converter API endpoint, leveraging server-side XSS to achieve arbitrary file read and then remote code execution by porting a Chrome 62 exploit. The post includes a nice walkthrough on debugging Chrome n-day exploits.

Key insights:

  • Always do extra testing of functionality that generates PDF invoices with dynamic content, as it can lead to vulnerabilities like SSRF, local file read, leaking internal data, and JS execution if it is enabled in the rendering browser.

  • Including unnecessary metadata in PDFs, images, and documents can help attackers: in this case leaking the specific library and version being used for PDF generation helped significantly with exploiting the issue locally.

  • The library API used to do HTML → PDF has an option that can deny local file access and disable the JavaScript engine, but it’s not set by default 🫠 
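The second insight above is easy to check for on your own output. The following is an added example (not code from the Neodyme post or from any PDF library): a small pure-Python check that reports which Producer/Creator strings a generated PDF leaks, plus a scrubber that blanks them while keeping the byte length identical so existing xref offsets stay valid. The sample PDF fragment and the "ExampleRenderer 1.2.3" value are constructed; the real fix is still to configure the renderer (local file access off, JavaScript off), this just tells you what your service is currently advertising.

```python
import re

# Constructed minimal PDF fragment (not a complete, valid PDF): only the Info
# dictionary matters for this check. The Producer/Creator values are invented.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
    b"3 0 obj\n<< /Producer (ExampleRenderer 1.2.3) /Creator (invoice-service) "
    b"/CreationDate (D:20250101000000Z) >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R /Info 3 0 R >>\n%%EOF\n"
)

# Matches "/Producer (literal)" and "/Creator (literal)" entries. Literal strings
# without nested parentheses are what renderers actually emit for these keys.
_INFO_RE = re.compile(rb"/(Producer|Creator)\s*\(([^)]*)\)")


def extract_fingerprint(pdf: bytes) -> dict:
    """Return the Producer/Creator strings found in the document.

    Anything returned here is what an attacker learns about your rendering
    stack from a single downloaded invoice.
    """
    return {k.decode(): v.decode("latin-1") for k, v in _INFO_RE.findall(pdf)}


def _blank_value(m: re.Match) -> bytes:
    # Overwrite only the value bytes with spaces of the same length; the key,
    # whitespace and parentheses are kept, so the object does not change size.
    whole = m.group(0)
    off = m.start(2) - m.start(0)
    n = len(m.group(2))
    return whole[:off] + b" " * n + whole[off + n:]


def scrub_fingerprint(pdf: bytes) -> bytes:
    """Blank Producer/Creator values in place.

    Keeping the byte length identical means the xref table written by the
    renderer still points at the right offsets, so no PDF re-serialisation is
    needed. Use this as a last-resort filter on the way out; preferably make
    the renderer not emit the strings in the first place.
    """
    return _INFO_RE.sub(_blank_value, pdf)


if __name__ == "__main__":
    print("leaked:", extract_fingerprint(SAMPLE_PDF))
    cleaned = scrub_fingerprint(SAMPLE_PDF)
    print("after scrub:", extract_fingerprint(cleaned), "same size:", len(cleaned) == len(SAMPLE_PDF))
```

Running `extract_fingerprint` against a handful of PDFs your service produced is a quick way to confirm whether a library name and exact version are going out with every document; image and document exports from other pipelines deserve the same look.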

The Path to Memory Safety is Inevitable
HardenedLinux’s Shawn Chang explores the nuances of memory safety, discussing various approaches from compiler-based static analysis (Clang Static Analyzer) to runtime mechanisms like garbage collection. He argues that memory safety isn't solely the responsibility of languages or compilers, but requires coordinated efforts across language design, tooling, and engineering practices.

The post describes HardenedLinux's best practices (inspired by Debian maintainers), leveraging sanitizers and fuzzers, how they developed a state-based Linux kernel fuzzer and contributed a coverage filter feature to the upstream Google Syzkaller, and later, a state-model-based fuzz testing tool known as VaultFuzzer.

TIL about Epic Games’ Fil-C, a memory safety solution for C/C++ that customizes the Clang/LLVM compiler. “Although Fil-C cannot resolve all issues, it has successfully achieved memory-safe C/C++ from an exploitability standpoint, rendering common vulnerabilities harmless.” 🤘 

Sponsor

📣 Private Scattered Spider Threat Briefing With Ian Ahl, SVP of P0 Labs

Understand LUCR-3 (Scattered Spider) and how they are infiltrating cloud environments of some of the largest enterprises in the world as Ian Ahl, SVP of P0 Labs walks through many of the Scattered Spider's TTPs. Sign up for this private, complimentary session to learn:

  • How LUCR-3 executes extortion campaigns via data theft of intellectual property 

  • The playbook of how this threat actor group is operating in the cloud (IaaS/SaaS/IdP/CI-CD) and what TTPs to look for in your environment 

  • Actionable steps you can take to prevent breaches or know about them as quickly as possible

Seems like LUCR-3 has hit a lot of companies, great to hear more about their TTPs and preventing IP theft in general 👌 

Cloud Security

Cloud Incident Readiness: Critical infrastructure for cloud incident response
Invictus Incident Response covers the infrastructure you can use to perform incident response tasks such as root cause analysis, containment and eradication across Azure, AWS, and GCP. The post covers the logs you should have, how to query them (Azure Log Analytics, AWS Athena, Google’s Log Explorer and Log Analytics), useful settings to enable, locking down your environment when responding to an incident, and more.

Tales from the cloud trenches: The Attacker doth persist too much, methinks
Datadog’s Martin McCloskey describes multiple novel AWS attack techniques observed during a real-world incident involving a leaked long-term AWS access key. These include creating "persistence-as-a-service" via Lambda and API Gateway (external HTTP request → dynamically create further malicious IAM users), disabling trusted access for organization-level services, and persistence through AWS Identity Center (AWS SSO). The post ends with a list of detection ideas for this type of activity.
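To make the detection angle concrete, here is an added example that is not from the Datadog post: a small Python detector run over constructed CloudTrail-style records covering the three behaviours described above. The IAM rule flags user/key creation performed from an assumed-role session (automation rather than a human) unless the role is on an allowlist of known provisioning roles; the Organizations rule flags trusted-access changes; the Identity Center rule flags permission set and account assignment creation. Event source and event name strings are real CloudTrail values; the account id, role names, ARNs and the allowlist parameter `known_provisioning_roles` are assumptions for the example.

```python
import json

# Constructed CloudTrail-style records, one JSON object per line, as a SIEM or
# Athena export might hold them. Account id, principal names and ARNs are invented.
SAMPLE_RECORDS = [
    # 1. IAM user created from a Lambda-style role session ("persistence-as-a-service")
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/backdoor-lambda-role/backdoor-fn"},
     "requestParameters": {"userName": "svc-backup-2"}},
    # 2. Access key created by the normal IaC pipeline role (benign if allowlisted)
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateAccessKey",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/terraform-apply/ci-run-42"},
     "requestParameters": {"userName": "deploy-bot"}},
    # 3. Trusted access disabled for an organization-level service
    {"eventSource": "organizations.amazonaws.com", "eventName": "DisableAWSServiceAccess",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/leaked-key-user"},
     "requestParameters": {"servicePrincipal": "guardduty.amazonaws.com"}},
    # 4. New Identity Center account assignment from a role session
    {"eventSource": "sso.amazonaws.com", "eventName": "CreateAccountAssignment",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/backdoor-lambda-role/backdoor-fn"},
     "requestParameters": {"targetId": "111122223333", "principalType": "USER"}},
    # 5. Benign: a named human creates a user from the console
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"userName": "bob"}},
]
SAMPLE_LOG = "\n".join(json.dumps(r) for r in SAMPLE_RECORDS)

# IAM calls that mint or empower a long-lived principal.
PRINCIPAL_CREATION = {"CreateUser", "CreateAccessKey", "CreateLoginProfile",
                      "AttachUserPolicy", "PutUserPolicy"}
# Organizations calls that weaken org-wide security service coverage.
ORG_TRUST_CHANGES = {"DisableAWSServiceAccess", "DeregisterDelegatedAdministrator"}
# Identity Center (AWS SSO) calls that grant durable access.
IDENTITY_CENTER = {("sso.amazonaws.com", "CreatePermissionSet"),
                   ("sso.amazonaws.com", "CreateAccountAssignment"),
                   ("identitystore.amazonaws.com", "CreateUser")}


def parse_records(text: str) -> list:
    """Parse JSON-lines text into CloudTrail record dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def role_name(arn: str):
    """Extract <role> from arn:aws:sts::acct:assumed-role/<role>/<session>; None otherwise."""
    if "assumed-role/" in arn:
        return arn.split("assumed-role/", 1)[1].split("/", 1)[0]
    return None


def detect(records: list, known_provisioning_roles=frozenset()) -> list:
    """Return findings for the persistence patterns described in the post."""
    findings = []
    for ev in records:
        src, name = ev.get("eventSource"), ev.get("eventName")
        ident = ev.get("userIdentity", {})
        arn = ident.get("arn", "")
        params = ev.get("requestParameters", {}) or {}
        if src == "iam.amazonaws.com" and name in PRINCIPAL_CREATION \
                and ident.get("type") == "AssumedRole":
            # Heuristic: humans create users from the console or CLI as IAM users /
            # federated sessions; role sessions doing it are usually automation.
            if role_name(arn) not in known_provisioning_roles:
                findings.append({"severity": "high",
                                 "rule": "iam-principal-created-by-role-session",
                                 "actor": arn, "detail": f"{name} {params.get('userName')}"})
        elif src == "organizations.amazonaws.com" and name in ORG_TRUST_CHANGES:
            findings.append({"severity": "high", "rule": "org-trusted-access-disabled",
                             "actor": arn, "detail": f"{name} {params.get('servicePrincipal')}"})
        elif (src, name) in IDENTITY_CENTER:
            findings.append({"severity": "medium", "rule": "identity-center-persistence",
                             "actor": arn, "detail": name})
    return findings


if __name__ == "__main__":
    for f in detect(parse_records(SAMPLE_LOG), known_provisioning_roles={"terraform-apply"}):
        print(f["severity"].upper(), f["rule"], f["actor"], f["detail"])
```

Without an allowlist the pipeline role in record 2 is flagged too; that noise is exactly why the IAM rule takes `known_provisioning_roles`, and why the allowlist itself should be tightly scoped (a leaked key that can assume your IaC role defeats it). The Organizations rule is worth alerting on unconditionally: disabling trusted access for a service like GuardDuty is rare in legitimate operations and blinds the org before the attacker's next step.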

Securing a SaaS Company's AWS Environment After a Breach
Chandrapal Badshah describes an AWS breach at a SaaS company where an attacker gained admin access to staging and production accounts through leaked IAM credentials. The post covers what led to the incident, attacker tactics, and how better security controls could have hindered the attacker. Not necessarily totally new info, but it’s a nice case study + tactical, actionable bullets of things to keep in mind or do.

The Cloud Hunting Games
A new Cloud Incident Response CTF by Wiz’s Avigayil Mechtinger, Deror Czudnowski, and Nir Ohfeld. Learn how attackers move laterally, escalate privileges, and operate inside cloud environments and see if you have what it takes to stop them.

💡 Shout-out to the Wiz research team: they’ve created several free educational CTFs over the years. These take a non-trivial amount of work to create, so it’s awesome that they share them with the community for free. I’d love to see more companies doing this 🤘 (Obviously PortSwigger’s Web Security Academy is also great.)

Container Security

EKS vs. GKE - Security
Jason Umiker compares security features of AWS EKS and GCP GKE across key areas like identity management, network firewalling, configuration/posture management, vulnerability/supply chain management, and runtime threat detection. Excellently detailed post 👌 

Understanding the threat landscape for Kubernetes and containerized assets
Microsoft Threat Intelligence describes six primary threats in Kubernetes environments: compromised accounts (e.g. cloud credentials), vulnerable or misconfigured images, environment misconfigurations, app-level attacks, node-level attacks, and unauthorized traffic. The post provides a case study of a password spray attack leading to cryptomining, and offers best practices and guidance for each of the threat categories. Nice overview 👍️ 

chainguard-dev/dfc
By Chainguard: CLI to convert Dockerfiles to use Chainguard Images and APKs in FROM and RUN lines etc.

💡 This is smart: releasing OSS tools to help (potential) customers auto-migrate to using your platform. Reducing adoption friction and time to value 👍️ 

Introducing WizOS: Securing Wiz from the ground up with hardened, near-zero-CVE container base images
Not content to only shake their fists menacingly at AppSec/ASPM companies with Wiz Code, Wiz has also announced WizOS, a new product focused on hardened, minimal container images. They transitioned from Alpine’s musl to glibc to support a wider range of applications and dependencies, and every component is built from source, with signing and provenance.

💡 Whatever Wiz engineers are taking to ship so fast, I’ll take two, right into my veins.

💡 This is a great example of productizing internal security work: “we want to deploy hardened containers for our platform to keep our customers secure” → WizOS customers can benefit from this work.

💡 Will Wiz be able to build out high quality products in most or all areas of security, becoming a Palo Alto-esque platform? Will the Google acquisition slow their velocity, as the 100 hour work weeks are replaced by Mediterranean cruises on their mega yachts? Tune in next time on CNAPP’s Inferno Season 4.

Blue Team

Open-source toolset of an Ivanti CSA attacker
Synacktiv CSIRT was recently in charge of different forensic investigations where the root cause was a vulnerable Ivanti Cloud Services Appliance (CSA) exposed to the Internet. Maxence Fossat describes three open source tools used by the threat actors: suo5 and iox to tunnel traffic to and from the internal network, and atexec-pro to execute code remotely. The post discusses the core capabilities of each tool and shares YARA and Sigma detection rules for each.

Verizon 2025 Data Breach Investigations Report (DBIR)
The one and only DBIR has been released! Shout-out to my friend Alex Pinto as well as David Hylender, Philippe Langlois, Suzanne Widup and everyone who made it happen.

  • Known initial access vectors (n=9,891) = 22% credential abuse, 20% exploitation of vulnerabilities (edge devices and VPNs, grew almost 8x from last year), 16% phishing.

  • 37% ransomware increase from last year’s report. 64% of the victim orgs didn’t pay, up from 50% two years ago.

  • 60% of breaches involved a human element, 30% of breaches involved a third party, 17% of breaches were espionage motivated.

  • …and lots more!

Red Team

CroodSolutions/AutoPwnKey
By Ezra Woods, Mike Manrod et al: A red teaming framework and testing tool using AutoHotKey (AHK), which currently is not well detected by AV/EDR vendors.

itaymigdal/PowerDodder
By Itay Migdal: A post-exploitation persistence utility designed to stealthily embed execution commands into existing script files (.ps1, .bat, .cmd, .vbs, .js) on the host. By leveraging files that are frequently accessed but rarely modified, it targets high-likelihood execution vectors with minimal detection risk.

How I ruined my vacation by reverse engineering WSC
es3n1n describes the journey of implementing defendnot, a tool that disables Windows Defender by using the Windows Security Center (WSC) service API directly. The project involved reverse engineering WSC, overcoming challenges like process protection level (PPL) and signature validation, and more. The final tool successfully registers a fake antivirus to disable Defender without using third-party AV code.

AI + Security

The Vulnerable MCP Project
By Vineeth Sai: A community-maintained database of known vulnerabilities, limitations, and security concerns with the Model Context Protocol (MCP). Search or filter by security vulnerabilities, implementation challenges, protocol limitations, and severity.

GoogleCloudPlatform/kubectl-ai
An AI-powered Kubernetes assistant that translates user intent into precise Kubernetes operations.

💡 Natural language → DSL via LLM, so hot right now! This was one of the major themes I called out in my 2024 BSidesSF talk: TL;DR Applying AI to Cybersecurity (slides) and video.

mbhatt1/PhantomPipe
By Manish Bhatt: A proof-of-concept C2 framework that uses Server-Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and result collection. By tunneling through ngrok, you can quickly expose your C2 server to the public internet for rapid testing and demonstration.

Talk To Your Malware – Integrating AI Capability in an Open-Source C2 Agent
GoSecure’s jdi describes integrating AI into malware implants, allowing operators to issue natural language commands that are translated into executable code on the fly (“Scan every user’s home folder and pack any office file under 2MB inside a single archive located in C:/test/output.zip”) using OpenAI. The Python and C# proof-of-concepts integrating the approach into Mythic C2’s Medusa agent are in this GitHub repo.

What’s cool about this approach is a) you don’t need to create all of the implant functionality you’d want ahead of time, you can do it JIT, b) it may be harder to create signatures for due to different code being generated each time, and c) you can include obfuscation commands in the prompt to make the code harder to reverse (e.g. “all variable names should be one or two characters”).

💡 This is super neat, but I bet there’s a fair amount of engineering required to “productionize” this approach, for example: the first version of the generated code may crash or not work and need to be fixed, will the generated code be much noisier from a detection point of view than code written by a senior red teamer, etc.

Misc

Nathan Barry on Regret Minimization: “If you knew for sure you couldn’t accomplish all of your goals, which would you most regret not achieving in the next 5-10 years?”

Tech

Feelz

Politics

  • John Oliver on RFK Jr. and cuts being made to public health agencies

  • We have reached the “severed fingers and abductions” stage of the crypto revolution - Yikes, apparently there have been a number of kidnappings of family members of people with $$ cryptocurrency wallets. Severed fingers, people rescued from the trunks of cars after being doused with gasoline. One Belgian man’s wife was the victim of an attempted abduction within weeks of him posting online that his crypto wallet was worth €1.6M.

  • Rogue communication devices found in Chinese solar power inverters - “Rogue communication devices not listed in product documents have been found in some Chinese solar power inverters” and “Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers.”

    • “Using the rogue communication devices to skirt firewalls and switch off inverters remotely, or change their settings, could destabilise power grids, damage energy infrastructure, and trigger widespread blackouts, experts said.”

    • “In November, solar power inverters in the U.S. and elsewhere were disabled from China.”

✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!

Cheers,
Clint
@clintgibler