We go deep on LLMs and generative AIs to shine a light on areas that security leaders should focus on. There are technical concerns like prompt injection and access controls, and privacy concerns in training and usage. But there are also areas where security tools are starting to address these concerns as well as areas where security tools are adop...
Aqua Security reported that at least 60% of the Kubernetes clusters they researched were breached and had an active campaign with deployed malware and backdoors.
By focusing on risk and better understanding the evolving threat landscape and how it affects the software supply chain, developers and security teams can make enterprise environments more secure.
Mature shops should be looking to a security architecture process to help scale their systems and embrace security by design. We talk about what it means to create a security architecture process, why it's not just another security review, and why it requires security to dig into engineering.
Segment Resources:
https://www.lacework.com/ciso-boar...
Zap gets a jolt of new support, using Clang for security research, LLM attacks learn models, Rust visualizes dependencies, a National Cyber Workforce and Education Strategy, and more!
Zenbleed in AMD, Google's TAG sees a drop in zero-days, new security testing handbook from Trail of Bits, Phil Venables' advice on public speaking, car battery monitor that monitors location(!?), more news on TETRA