Reference architecture: Customer-support AI with per-customer isolation I’ve been working on a secure architecture for giving an LLM-based support assistant access to customer data while ensuring strict per-customer isolation and auditability. Here’s what I came up with. High-level goals Least...
AppSec with Jenkins Forked OWASP’s Vulnerable-Web-Application for this excersise. The plan is to have security tools run in Jenkins every time we have a new build from the project. Our security team will track diff’s of the security tooling output...
Goal: Using any resource available online build a web server and provide evidence of a vulnerability or penetration test for any of the OWASP 10 vulnerabilities.
This is a walk-through of CTF challenge Mr-Robot: 1. I downloaded the target VM image from vulhub and booted it in VMware. My source machine is a Kali Linux image, also running on VMware. All my engagements start with netdiscover,...
This is a walk-through of CTF challenge Brainpan: 1. I downloaded the target VM image from vulhub and booted it in VMware. My source machine is a Kali Linux image, also running on VMware. All my engagements start with netdiscover,...