May 22, 2026
4 min read
The myth of human-free automation, becoming an AI fleet-director, the return of Crocs and Socks - the basics
May 18, 2026
5 min read
ShinyHunters breaching the normie space, LLMs as artificial interns, and the implications of AI from the defensive side of the house.
Apr 28, 2026
Vercel and the risks of AI third-party dependencies, what security is and is not, and planning the potential funeral of pull request flows in the SDLC.
Apr 20, 2026
On Seth's recent Slack impersonator and fallout, Anthropic's Mythos in the news everywhere, and the future of vulnerability research
Apr 10, 2026
8 min read
On RSAC and BSidesSF, AI snake-oil salesmen, and the myth of the One True Secure Framework.
Mar 27, 2026
9 min read
On democratizing vulnerability management, executive positions, and non-linear career growth--all the way back from 2023.
Mar 20, 2026
On the Agentic Development Lifecycle
Mar 6, 2026
On the Risks of "AI-Native" Security Products and Rapid Software Development
Mar 2, 2026
LLM AppSec Disruption, Limitations of AI in Security, and AppSec Oversight
Feb 20, 2026
A cost/benefit analysis of vibe coding and the subsequent security burnout, and the potential democratizing of responsibility through AppSec scorecards.
Feb 13, 2026
Feb 6, 2026
7 min read
How AI tooling is transforming the security industry, development velocity, and what the malware campaign targeting ClawHub can teach us.