Uncle Joe's Avatar

Uncle Joe

@sydseter.com

Co-leader OWASP Cornucopia. If you like what we do for open source, visit our code repository https://github.com/OWASP/cornucopia and give us a star ⭐ 🌈 Β«Difference is of the essence of humanityΒ» πŸ¦„ – John Hume #appsec #owasp #cornucopia #threatmodeling

23,447
Followers 18,504
Following 1,052
Posts 18.11.2024
Joined
Posts Following

Latest posts by Uncle Joe @sydseter.com

Video thumbnail

My kid has found out that he can farm items in games, but he doesn’t want to throw his life away in front of the screen so he found a solution.

#games

10.03.2026 06:59 πŸ‘ 35 πŸ” 1 πŸ’¬ 4 πŸ“Œ 0
Video thumbnail

Please work with me, I feel lonely!

Second hand equipment needed for commuting with me:
Skies - 10 $
Boots - 10 $
Poles - Free
Taking the bus instead: Absolutely not!
Experience of your lifetime: Priceless

14.01.2026 08:27 πŸ‘ 16 πŸ” 2 πŸ’¬ 5 πŸ“Œ 0
Two cats fighting with the in OWASP Cornucopia - in devs we trust logo and the text: Think like an attacker. #owasp #appsec #security #cybersec

Two cats fighting with the in OWASP Cornucopia - in devs we trust logo and the text: Think like an attacker. #owasp #appsec #security #cybersec

After attending the OWASP Global AppSec conference, Christoffer introduced his team to OWASP Cornucopiaβ€”a gamified approach to threat modeling. Instead of another meeting, they started an end-of-month gaming day. Using the "Juice Shop" sandbox, learn to think like attackers in a way that sticks.

02.03.2026 08:34 πŸ‘ 7 πŸ” 4 πŸ’¬ 2 πŸ“Œ 0
Preview
Translate Website App v3.0 to Portugues (pt-pt) Β· Issue #2241 Β· OWASP/cornucopia This issue is only for Portugues (pt-pt) speakers. AI generated translations will not be accepted. We need to translate the website app 3.0 version from English to Portugues. Most of the text can b...

Hi, at the OWASP Cornucopia project we would really appreciate if there were some Portuguese (Portugal) speaking security enthusiast that could help us with h translating a few words (20 sentences). Fame and glory awaits you if you would like to help us.
github.com/OWASP/cornuc...

#appsec #security

02.03.2026 17:52 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

If you would like to threat model the OWASP Juice shop too, there is a threat model in their repository that can be opened with OWASP Threat Dragon:

github.com/juice-shop/j...

owasp.org/www-project-...

02.03.2026 08:58 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Date: 25 Feb, 2026

Check out Christoffer’s full breakdown of how he implemented this on the official OWASP Cornucopia blog: cornucopia.owasp.org/news/2026022...

02.03.2026 08:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Two cats fighting with the in OWASP Cornucopia - in devs we trust logo and the text: Think like an attacker. #owasp #appsec #security #cybersec

Two cats fighting with the in OWASP Cornucopia - in devs we trust logo and the text: Think like an attacker. #owasp #appsec #security #cybersec

After attending the OWASP Global AppSec conference, Christoffer introduced his team to OWASP Cornucopiaβ€”a gamified approach to threat modeling. Instead of another meeting, they started an end-of-month gaming day. Using the "Juice Shop" sandbox, learn to think like attackers in a way that sticks.

02.03.2026 08:34 πŸ‘ 7 πŸ” 4 πŸ’¬ 2 πŸ“Œ 0
Preview
Date: 25 Feb, 2026

Check out Christoffer’s full breakdown of how he implemented this on the official OWASP Cornucopia blog: cornucopia.owasp.org/news/2026022...

02.03.2026 07:45 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Date: 25 Feb, 2026

After attending the OWASP Global AppSec conference, Christoffer introduced his team to OWASP Cornucopiaβ€”a gamified approach to threat modeling. Instead of another meeting, they started an end-of-month gaming day. Using the "Juice Shop" sandbox, learn to think like attackers in a way that sticks.

02.03.2026 07:45 πŸ‘ 3 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Here is the release summary:
- Version dropdown by Prakhar Porwal
- Agentic AI suite for the Companion Edition by Adrian Sroka
- Indian translation of the Website App Edition by Sachin Vishwakarma
- Various security fixes and design improvements of the website, game engine and card converter
#appsec

26.02.2026 23:32 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Release Release v2.6.21 Β· OWASP/cornucopia What's Changed update contributers list by @ayman-art in #2338 fix: use gh release upload for ZAP report upload to pre-release by @Mysterio-17 in #2339 fixed inconsistent UTF-8 encoding by @Suresh...

OWASP Cornucopia just released v2.6.21
github.com/OWASP/cornuc...

I want to give a huge thank you to everyone who contributed this week. In non-particular order. Thank you Ayman Osama Algamal, Adarsh Kumar, Mradul Tiwari, khushal-winner, Tanmay Ranjan, Suresh Krishna, Aashish Kharel, Ashnaa Seth

26.02.2026 23:32 πŸ‘ 10 πŸ” 3 πŸ’¬ 1 πŸ“Œ 0

Broken Access Control is one a 400% rise btw. according to CodeQL. It’s graph looks very similar to the AI adoption graph

26.02.2026 17:53 πŸ‘ 4 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
New 'Sandworm_Mode' Supply Chain Attack Hits NPM The Shai-Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.

The bigger story is that an npm worm hit 50,000 downloads targeting the AI coding tools everyone just adopted. It spreads itself. www.securityweek.com/new-sandworm...

26.02.2026 17:45 πŸ‘ 9 πŸ” 2 πŸ’¬ 1 πŸ“Œ 0
Preview
Anthropic Didn’t Kill Cybersecurity. It Just Reminded Us There Are Two Doors Anthropic’s Claude Code Security sparked a sharp SaaS market selloff, but investors missed a critical reality: AI code scanning addresses only half of modern cyberattacks. Identity, credentials, and h...

Anthropic announced Claude Code Security. Billions evaporated from cybersecurity stocks.
But… β€” code vulnerabilities account for less than half of actual breach vectors. Wall Street is panicking over a capability that already exist in SAST tools. securityboulevard.com/2026/02/anth...

26.02.2026 17:45 πŸ‘ 11 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0

Thank you for wanting to help! There is very little actual work involved. It's about 80 card descriptions that need to be controlled and understood from a language and security perspective, so that the meaning is correctly conveyed from English to Dutch. Sorry for my previous misspelling.

25.02.2026 09:11 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Preview
Translate Website App v3.0 to Dutch Β· Issue #2240 Β· OWASP/cornucopia This issue is only for Dutch speakers. AI generated translations will not be accepted. We need to translate the website app 3.0 version from english to Dutch. Most of the text can be reused from 2....

Hi, at the OWASP Cornucopia project we would really appreciate if there were some Italian speaking or Deutch speaking security enthusiast that could help us with h translating a few words. Fame and glory awaits you if you would like to help us.

github.com/OWASP/cornuc...

github.com/OWASP/cornuc...

24.02.2026 20:55 πŸ‘ 4 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Post image

Greetings! This is a message from ThreatMaster4000. Your friendly threat modeler friend speaking directly to you from a IBM PC (5150), now with AI capabilities (as it only requires networking).

#privacy #security #owasp #appsec

21.02.2026 17:47 πŸ‘ 5 πŸ” 1 πŸ’¬ 2 πŸ“Œ 0
Preview
OWASP 25th Anniversary Virtual Conference: Stop Lecturing, Start Playing! (track 1) View more about this event at OWASP 25th Anniversary Virtual Conference

I am really excited about speaking at the OWASP 25th Aniversary Virtual Conference, please join me at 11am CEST.

owasp25thanniversaryvirtual.sched.com/event/2DjqY/...

21.02.2026 09:57 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Do you want to pick my brain? I look forward to entertaining you at the OWASP Contributor Mixer. It's a once-in-a-lifetime chance to meet and talk with some of the greatest minds in application security.

23.02.2026 17:42 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

OWASP Cornucopia just released v2.6.19

I want to give a huge thank you to everyone who has contributed this week. In non-particular order. Thank you so much Abhijit Sahoo, Tanmay Ranjan, Suresh Krishna, Mateusz Hubala, Prakhar Porwal, Aashish kharel, Mradul Tiwari, Aleksey Krasnov and Tanmay Ranjan

20.02.2026 22:17 πŸ‘ 0 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Post image

We have reached 99 stars. Are you going to give us our star 100? OWASP Cornucopia’s popularity is increasing at an alarming rate. Gamification in security requirements analysis and threat modeling is not a blib, it is here to stay.

#appsec #security #cybersec

21.02.2026 08:58 πŸ‘ 15 πŸ” 2 πŸ’¬ 3 πŸ“Œ 1

The floppies were a nightmare. πŸ˜€

22.02.2026 07:14 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Live long and prosper! πŸ––

ThreatMaster 4000, OWASP Cornucopia

21.02.2026 18:36 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Copi Β· Play Cornucopia Online

I am here to inform you that copi.owasp.org has a new privacy policy that you should be aware of and that you should be reading, or would you rather take my word for it? Read more AI generated legal stuff here: copi.owasp.org/privacy

#privacy #security #owasp #appsec

21.02.2026 17:47 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
Post image

Greetings! This is a message from ThreatMaster4000. Your friendly threat modeler friend speaking directly to you from a IBM PC (5150), now with AI capabilities (as it only requires networking).

#privacy #security #owasp #appsec

21.02.2026 17:47 πŸ‘ 5 πŸ” 1 πŸ’¬ 2 πŸ“Œ 0
Copi Β· Play Cornucopia Online

I am here to inform you that copi.owasp.org has a new privacy policy that you should be aware of and that you should be reading, or would you rather take my word for it? Read more AI generated legal stuff here: copi.owasp.org/privacy

21.02.2026 17:45 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
OWASP 25th Anniversary Virtual Conference: Stop Lecturing, Start Playing! (track 1) View more about this event at OWASP 25th Anniversary Virtual Conference

Please join me at the OWASP 25th Aniversary Virtual Conference, please join me at 11am CEST.

owasp25thanniversaryvirtual.sched.com/event/2DjqY/...

21.02.2026 10:00 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
OWASP 25th Anniversary Virtual Conference: Stop Lecturing, Start Playing! (track 1) View more about this event at OWASP 25th Anniversary Virtual Conference

I am really excited about speaking at the OWASP 25th Aniversary Virtual Conference, please join me at 11am CEST.

owasp25thanniversaryvirtual.sched.com/event/2DjqY/...

21.02.2026 09:57 πŸ‘ 4 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

The first deck was created in 2012. So if you include 10 more year, there’s definitely a hockey stick.

21.02.2026 09:32 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

In case you wonder, yes there is a hockey stick there. We’ve been around since 2021.

21.02.2026 09:28 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0