Thanks to visit codestin.com
Credit goes to tldrsec.com

404

The page you requested doesn't exist

We could not locate the page: /blog/

Try one of the featured posts or search the archive below.

Featured Posts

BlogBlog
Security for High Velocity Engineering

Security for High Velocity Engineering

Strategy and Tactics for Protecting and Enabling Modern Software Organizations

Jason Chan
Jason Chan
PodcastPodcast
Google Cloud CISO: Shift Down not Left, 4 ways Google uses AI for Security (with Phil Venables)

Google Cloud CISO: Shift Down not Left, 4 ways Google uses AI for Security (with Phil Venables)

Moving from artisanal to industrial security at scale, and how Google uses AI for reversing malware, analyzing hacker videos, fuzzing, and more

Clint Gibler
Phil Venables
Clint Gibler, +1
BlogBlog
How to securely build product features using AI APIs

How to securely build product features using AI APIs

A Practitioner’s Guide to Consuming AI

Rami McCarthy
Rami McCarthy
BlogBlog
AI and Machine Learning in Cybersecurity

AI and Machine Learning in Cybersecurity

An overview of current applications of AI/ML to cybersecurity with relevant links and a vision of where things are headed.

Clint Gibler
Clint Gibler
What I Learned Watching All 44 AppSec Cali 2019 Talks

What I Learned Watching All 44 AppSec Cali 2019 Talks

2 Days | 4 Rooms | ~32 Hours of Talks

Clint Gibler
Clint Gibler
BlogBlog
Keep Hackers Out of Your Kubernetes Cluster with These 5 Simple Tricks!

Keep Hackers Out of Your Kubernetes Cluster with These 5 Simple Tricks!

A threat-informed roadmap for securing Kubernetes clusters

Christophe Tafani-Dereeper
Christophe Tafani-Dereeper

Archive

NewsletterNewsletter
[tl;dr sec] #312 - The Industrialization of Exploit Generation, macOS EDR Evasion, Hacking the AWS Console

[tl;dr sec] #312 - The Industrialization of Exploit Generation, macOS EDR Evasion, Hacking the AWS Console

Generating 0-day exploits with Opus 4.5 and GPT-5.2, blind spots for EDRs on macOS, supply chain vuln that enabled compromising the AWS Console

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #311 - Slack's Security Agents, Cloud-Native Detection Engineering, Trail of Bits' Claude Skills

[tl;dr sec] #311 - Slack's Security Agents, Cloud-Native Detection Engineering, Trail of Bits' Claude Skills

Slack's AI agent system to optimize security alert investigations, deep dive into cloud-native detection engineering, ToB's open source Skills for security research, vulnerability detection, and audit workflows

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #310 - Vulnerable MCP Labs, Pathfinding.cloud, Prompt Injection Taxonomy

[tl;dr sec] #310 - Vulnerable MCP Labs, Pathfinding.cloud, Prompt Injection Taxonomy

9 vulnerable MCP servers to learn how to pen test AI agent infra, a knowledge base of 65+ AWS IAM privilege escalation paths, Jason Haddix's open-source classification system for LLM prompt injection attacks

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #309 - Winning the AI Cyber Race, SAST at LinkedIn, Detection Engineering

[tl;dr sec] #309 - Winning the AI Cyber Race, SAST at LinkedIn, Detection Engineering

Why AI offense is beating defense and Verifiability is All You Need, how LinkedIn scales SAST to millions of LOC and 10k's of repos, atomic detection rules

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #308 - MCP Security, AWS re:Invent Recaps, Detecting Malicious Pull Requests with AI

[tl;dr sec] #308 - MCP Security, AWS re:Invent Recaps, Detecting Malicious Pull Requests with AI

MCP practice labs and securing MCP paper, re:Invent highlights, how Datadog detects malicious PRs at scale

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #307 - AI Bug Hunting Tools, Shai-Hulud 2.0, Keeping Secrets out of Logs

[tl;dr sec] #307 - AI Bug Hunting Tools, Shai-Hulud 2.0, Keeping Secrets out of Logs

Three open source AI-powered vulnerability finding tools, a baker's dozen security vendor blogs about the latest supply chain attack, how to keep secrets out yo' logs son

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #306 - Claude Code's Hacking Campaign, Rust in Android, Secrets Scanners Miss

[tl;dr sec] #306 - Claude Code's Hacking Campaign, Rust in Android, Secrets Scanners Miss

Claude used by state actors for a hacking campaign + industry weighs in, Rust -> 1000x reduction in memory safety vulns in Android, why your secret scanner is missing valid secrets

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #305 - AI SAST, Awesome Annual Security Reports, Block Risky Dependencies

[tl;dr sec] #305 - AI SAST, Awesome Annual Security Reports, Block Risky Dependencies

Open source AI SAST tools + vendor comparison, huge list of vendor security reports, GitHub Action to block risky dependencies

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #304 - OpenAI & DeepMind's AI Security Agents, OSS Malware Database, How Figma Detects Sensitive Data Exposure

[tl;dr sec] #304 - OpenAI & DeepMind's AI Security Agents, OSS Malware Database, How Figma Detects Sensitive Data Exposure

Aardvark and CodeMender autonomously find/fix vulnerabilities, open database for tracking malicious open-source packages, how Figma finds authorization issues at scale

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #303 - MCP Security Scanners, Attacking GitLab CI/CD, AI SOC Benchmarks

[tl;dr sec] #303 - MCP Security Scanners, Attacking GitLab CI/CD, AI SOC Benchmarks

Tools to scan MCPs for vulnerabilities, attacking self-hosted GitLab instance runners, benchmarks measuring the performance of AI's SOC and CTI capabilities

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #302 - LLM Honeypot Catches Threat Actor, Supply Chain Compromise Survey, AI-powered Malware

[tl;dr sec] #302 - LLM Honeypot Catches Threat Actor, Supply Chain Compromise Survey, AI-powered Malware

Deceiving attackers with an LLM SSH honeypot, root cause analysis of 2024/2025 supply chain compromises, malware leveraging AI for stealth/better effectiveness

Clint Gibler
Clint Gibler
NewsletterNewsletter
[tl;dr sec] #301 - Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot

[tl;dr sec] #301 - Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot

Guide to being an effective security leader, 25 talks on cloud, k8s and AI, auto-generating vulnerable honeypots

Clint Gibler
Clint Gibler
FirstBack
12345678
Next Last