What Building Application Security Into Shadow IT Looks Like
AppSec is hard for traditional software development, let alone citizen developers. So how did two people resolve 70,000 vulnerabilities in three months?
You May Also Enjoy
There Is Nothing Responsible About Disclosure Of Every Successful Prompt Injection
2 minute read
The InfoSec community is strongest when it can collaborate openly. Few organizations can fend off sophisticated attacks alone—and even they sometimes fail. I...
AIjacking Goes Beyond Prompt Injection
3 minute read
Naming is powerful. An excellent name does more than frame the problem, it hints at ownership, solutions, and urgency to address it. In a very real sense, t...
Very Important Instructions
less than 1 minute read
This is a boring blog post. At least for humans.
Safe Web Browsing for Copilots
1 minute read
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...