Secure by Design roundup - April 2024
A less busy month in appsec, AI, and regulation, but still interesting stories
Shostack + Friends Blog
RSA 2024
A great threat modeling talk at RSA 2024
Happy Star Wars Day
Sutter on Safety
What do we need to assess if memory safe langages are 'sufficient'?
Eternal sunshine of the spotless LLM
Making an LLM forget is harder than it seems
Other comments on the CSRB Microsoft Report
Leveraging our training platform
How we leverage a platform for great training
CSRB Report on Microsoft
The CSRB has released its report into an intrusion at Microsoft, and ... it’s a doozy.
Introducing Magic Security Dust!
Secure by Design roundup - March 2024
A busy month in appsec, AI, and regulation.
Cybersecurity Lessons from Covid19
Join us for a provocative exploration on Thursday!
The NVD Crisis
The NVD is in crisis, and so is patch management. It’s time to modernize.
Adventures in LLM Coding
Exploring LLM-driven coding as I get ready for Archimedes
Inherent Threats (Whitepaper)
We have an awesome new white paper available!
The British Library’s Incident Review
Thoughts on the British Library incident