![[tl;dr sec] #284 - Google Cloud CISO Interview, AWS Threat Technique Catalog, Finding Secrets with AI](https://image.cybernoz.com/wp-content/uploads/2025/06/tldr-sec-284-Google-Cloud-CISO-Interview-AWS-Threat.png)
[tl;dr sec] #284 – Google Cloud CISO Interview, AWS Threat Technique Catalog, Finding Secrets with AI
4 ways Google uses AI for security, catalog of AWS threat actor techniques, training a custom small language model to find secrets I hope you’ve…
Category: Mix
Five Uncomfortable Truths About LLMs in Production — API Security
Many tech professionals see integrating large language models (LLMs) as a simple process -just connect an API and let it run. At Wallarm, our experience…
Integrating Mermaid.js in Zola | HAHWUL
Applying and optimizing Mermaid.js in Zola, a Rust-based static site generator Mermaid.js is a powerful library that lets you create various diagrams using Markdown-like syntax.…
Cracking compliance. How Intigriti’s PTaaS supports CREST, DORA, GDPR, and ISO
Penetration Testing as a Service (PTaaS) must align with core industry standards, regulations, and certifications. This is usually done to meet legal compliance, uphold industry…
Server-Side Template Injection (SSTI): Advanced Exploitation Guide
Server-side template injection (SSTI) vulnerabilities still remain present in modern applications as developers continue to struggle with implementing proper input validations everywhere. And yet, despite…
The Art of Agentic Coding
The coding paradigm is rapidly changing with AI. I’ve heard the term ‘Vibe Coding’ being thrown around, but honestly, I’m not quite sure what to…
Intigriti Bug Bytes #225 – June 2025
Welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Becoming an Intigriti Pentester Exploiting CORS in 2025 (even when SameSite…
Two months of Burp AI: empowering security testers with the future of AppSec | Blog
Amelia Coen | 13 June 2025 at 13:51 UTC It’s been a whirlwind two months since AI-powered features landed in Burp Suite Professional. Thousands of…
![[tl;dr sec] #283 - Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI](https://image.cybernoz.com/wp-content/uploads/2025/06/tldr-sec-283-Awesome-Black-Hat-Tools-Evading-EDR.png)
[tl;dr sec] #283 – Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI
Huge list of tools presented at various Black Hat conferences, how attackers evade modern EDR, OpenAI’s report on threat actor campaigns they’ve disrupted I hope…
Rick Bohm on AI, Collaboration & API Security Future
Nestled in a log cabin high in the Rocky Mountains, Rick Bohm starts his day the same way he’s approached his career: intentionally, with a…
Security maturity, complexity, and bug bounty program effectiveness: A deep dive
There are three key elements that, when combined, support the planning of a bug bounty program to attract the right researchers. These three components are…
Why Google I/O Scared This 2007 Apple Fanboy for the First Time
As an Apple Fanboy going back to 2007, this is the first year I’ve felt fear for Apple’s future. And after just watching Apple’s WWDC…