Investing in Cloud Development Environments has enabled companies to successfully integrate AI coding agents, enhancing development efficiency and security.
About:
The author of the website is associated with 'High Signal Security', which is described as 'YAIB (Yet Another Infosec blog)'. The site focuses on information security topics.
Website:
Specializations:
Outgoing Links:
Subscribe to RSS:
Establishing 'Floors' and 'Ceilings' in research planning helps teams balance risk and ambition, ensuring value and encouraging innovation.
The blog post discusses common pitfalls in cybersecurity vendor research, referred to as 'sins.' It emphasizes the importance of building media literacy and maintaining credibility by avoiding fear-based marketing, false novelty, ...
The text discusses the tj-actions attack and reveals that the attacker hit two other targets on December 5th. It also mentions the attacker's first activity and the tools used to generate the payload. The author assumes that the a...
...
0🔗 [SentinelOne] Prioritizing CVEs in the Cloud
2025-05-15 •
...
...
0🔗 [Wiz] Research Briefing: MCP Security
2025-04-17 •
...
...
0Why I’m Joining Wiz
2025-01-27 •
The author discusses joining Wiz as a Principal Security Researcher, highlighting the company's growth, the evolution of cloud security, the team, values, product, and future goals.
0How to Say “No” Well
2024-12-30 •
The text discusses the importance of saying 'No' in the context of security, emphasizing that it is a necessary tool for risk management. It highlights the pitfalls of saying 'No' poorly and provides strategies for saying 'No' con...
The text discusses the 'state of cloud security' reports published by cloud security companies, highlighting the potential biases and limitations in the data presented. It questions the accuracy and relevance of the findings, sugg...
0The First Security Hire Rule of Thumb
2024-11-20 •
The text discusses the ideal time to hire the first security person for a company, offering both quantitative and qualitative guidance. It emphasizes the importance of security work already happening and being meaningful, and prov...
0Answering “Dumb Security Questionnaires”
2024-10-07 •
The text discusses the issue of security questionnaires and how to handle them. It provides tips for dealing with common questions and offers advice on how to navigate the process. It also mentions emerging options for managing th...
0FinOps Security
2024-09-16 •
The text discusses the overlap between FinOps and Security, highlighting the opportunities for security teams to impact the bottom line by addressing financial accountability in cloud architecture and investment decisions. It emph...
0Scorecarding Security
2024-09-12 •
The text discusses the concept of scorecarding in security programs, highlighting its prominence in organizations that take a partnership-based approach to security. It outlines case studies from companies like Chime, Netflix, Git...
...
0🔗 [Tracebit] The Security Canary Maturity Model
2024-09-10 •
...
0🔗 [Wiz] Leaking Secrets in the Age of AI
2025-06-18 •
...
0🔗 [Wiz] Rules Files for Safer Vibe Coding
2025-06-06 •
...
0🔗 [Wiz] Snipping the Long Tail of Shai-Hulud 2.0
2025-12-30 •
...