Protecting Your AI-Powered Infrastructure — API Security
With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language…
Category: Mix
AI Models Are Not Safety-Tuned for Kids · Joseph Thacker
It hit me like a lightning bolt during a casual conversation about AI safety: we’re tuning these models for adults, but kids are using them…
The Quest for the Shortest Domain · Joseph Thacker
In the world of bug bounty hunting, having a short domain for XSS payloads can be the difference in exploiting a bug or not… and…
The Third Limitation to Creativity
The moment when you realize what was previously impossible is now trivial I just wrote a new piece about the two primary limitations to creativity.…
strategic guidance for CISOs and cybersecurity leaders
If you are a CISO or cybersecurity leader looking to scale your bug bounty program but are not sure when the right time to do this is, how to do this in…
Who’s Not Getting Laid Off?
Who is not being laid off? That’s the question. I’m thinking about all these layoffs. I’m trying to figure out if there’s anything we can…
Two Creativity Barriers | Daniel Miessler
I think there are two primary ways we limit our own creativity. What I’ll call Type 1 is the inability to access your true, internal…
Our 20,000 Eyes and Hands
Here’s a different way to think about the change coming to the workforce and economy from AI. Imagine everyone in the world has 10,000 brains,…
Intigriti Bug Bytes #227 – August 2025
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Evading WAFs like Cloudflare, Akamai & AWS Cloudfront Creating your…
Stop Judging AI Using Standards You Don’t Apply to Humans
I know AI is stupid because it can’t count the b’s in “blueberry” the same way I know Einstein was stupid because he could barely…
AI Might Make Everything Amazing
The incredible benefits that could arrive within 5-10 years August 14, 2025 What I wanna talk about is: if we get AGI or ASI, we…
![[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google's Insider Threat Detection Tool](https://image.cybernoz.com/wp-content/uploads/2025/08/tldr-sec-292-HTTP11-must-die-AI-SAST-Googles.png)
[tl;dr sec] #292- HTTP/1.1 must die, AI + SAST, Google’s Insider Threat Detection Tool
James Kettle argues HTTP/1.1 can never be fully secured, augmenting static analysis with LLMs, Google’s talk + OSS tool for detecting malicious insiders I hope…