Product comparison: Detectify vs. Escape
Escape Pros Escape provides deep, contextual visibility by integrating with internal developer and cloud tools. Its AI-powered assessment finds complex business logic vulnerabilities like BOLA…
Category: Mix
Why I Think Karpathy is Wrong on the AGI Timeline
Andrej Karpathy came on Dwarkesh’s podcast recently, and I have a number of thoughts. Many are saying that Karpathy thinks AGI is 10 years away,…
![[tl;dr sec] #301 - Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-301-Security-Leadership-Master-Class-DEF-CON.png)
[tl;dr sec] #301 – Security Leadership Master Class, DEF CON Cloud Village Talks, AI-Powered Honeypot
I hope you’ve been doing well! Reflections and Cooking First off, thanks so much to everyone who reached out with kind and encouraging words after…
When Authentication Fails — Exposing APIs to Risk — API Security
Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs…
Extending your lifespan through attention
One of the most surprising things I’ve ever learned is that novelty and attention extend your lifespan. Or, more precisely, attention and novelty slow time.…
Why API security is different (and why it matters)
Two months in at Detectify and I’ve realized something: API security is a completely different game from web application security. And honestly? I think a…
The Government Solution to AI Inequality Might Be UBI + Really Good Games
Or maybe 99-1. UBI is an obvious choice for calming the masses when the world turns into a lopsided 90-10 barbell. But I don’t think…
Hacking the Nokia Beacon 1 Router: UART, Command Injection, and Password Generation with Qiling
ICYMI: My No Starch Press book “From Day Zero to Zero Day” is an Amazon bestseller – grab your copy with 30% off now! Continuing…
Explore vs. Exploit: The Pattern-Novelty Balance
There’s a real cool concept that I always come back around to, which is the oscillation between “explore” and “exploit.” Best simple example is trying…
API Security Platform of the Year 2025 — API Security
2025 has been one of Wallarm’s biggest years yet. In the last few months alone, we unveiled our industry-first API Revenue Protection capability, launched our…
Product comparison: Detectify vs. Tenable
Tenable Pros Holistic view of the entire IT estate, from external web servers to internal workstations and cloud infrastructure. Through purchasing its VPR and Attack…
![[tl;dr sec] #300 - Security Headcount Ratios + Hiring Plan, MCP Security, Compliance](https://image.cybernoz.com/wp-content/uploads/2025/10/tldr-sec-300-Security-Headcount-Ratios-Hiring-Plan.png)
[tl;dr sec] #300 – Security Headcount Ratios + Hiring Plan, MCP Security, Compliance
I hope you’ve been doing well! Episode 300 This issue will be a bit shorter as I’ve been in Tahoe all week with my Semgrep…