#prodsec

@xint-io.bsky.social

3 days ago

Xint_OSS_Research_Paper_gate Research paper summarizing pentesting-like results from AI

1/3 Finding bugs was never the hard part - for #prodsec teams the real challenge was finding the real exploitable bugs that could hurt the business.
go.xint.io/xint_oss_res...

0 0 1 0

hoodie🐴

@hoodiepony.com

3 months ago

Post-mortem of Shai-Hulud attack on November 24th, 2025 - PostHog At 4:11 AM UTC on November 24th, a number of our SDKs and other packages were compromised, with a malicious self-replicating worm - Shai-Hulud 2.…

ICYMI
This is an excellent read, postmortem and lessons from PostHog which was a victim of a software supply chain attack.
posthog.com/blog/nov-24-...

#appsec #prodsec

2 0 0 0

Checkmarx Zero

@checkmarxzero.bsky.social

5 months ago

🧊 #Kubernetes C# client cert validation (#CVE-2025-9708). Impact: potential man-in-the-middle when using custom CA configurations. Fix: v17.0.14+. Interim: move custom #CA from kubeconfig into system trust store to raise exploit difficulty. #ProdSec #MitM 🧵 3/3

1 0 0 0

Lisi Hocke

@lisihocke.bsky.social

6 months ago

And yet, it paid off. Had an insightful conversation with folks, we all learned from each other, and we paved the way for future small, lean modeling sessions. Huge win! 🎉 #AppSec #ProdSec 2/2

2 0 0 0

Threat Model Us

@threatmodel.us

7 months ago

We’re live at DEF CON! Come visit us at 110 in Hall 1 and/or register at threatmodel.us

#DEFCON #DC33 #DEFCON33 #ThreatModeling #AppSec #InfoSec #ProdSec

2 1 0 0

Threat Model Us

@threatmodel.us

7 months ago

Registration is open for DC's Next Top Threat Model at
DEF CON 33. Visit threatmodel.us to learn more about our contest and register.

@defcon.bsky.social #DEFCON #DEFCON33 #DC33 #AppSec #InfoSec #ProdSec #ThreatModeling

2 1 0 0

Lisi Hocke

@lisihocke.bsky.social

7 months ago

And to build on the streak started the last years at #SoCraTes: "Capture the Flag Together" to practice #security testing hands-on in a collaborative way. 🙌🏻 Thanks to all the amazing folks who joined and made it a great learning experience! 😃 #AppSec #ProdSec

2/2

1 0 1 0

Open Security Conference

@opensecurityconf.bsky.social

8 months ago

Values Welcome to the Open Security Conference (osco), the people-centred international gathering for everyone interested in cybersecurity. Join us 2-5 October 2025 in Rückersbach, Germany.

Open space, from the community for the community, including everyone interested in cybersecurity. What we value: opensecurityconference.org/about/values/

➡️ Register now: opensecurityconference.org/conference/r...

#osco #osco25 #CyberSecurity #Security #InfoSec #AppSec #ProdSec [lisi]

2/2

5 2 0 0

Checkmarx Zero

@checkmarxzero.bsky.social

9 months ago

#InfoSec organizations (and especially #ProdSec and #AppSec) have a big challenge ahead of them to stay out in front of the rapidly-changing threat landscape for #LLM. We can't rely on providers like Hugging Face to solve the problem for us.

1 1 0 0

Open Security Conference

@opensecurityconf.bsky.social

10 months ago

Let's stay curious for each other's needs, and that includes our own needs as well.

accessibility.day

#GlobalAccessibilityAwarenessDay #accessibility #a11y #inclusion #osco #osco25 #CyberSecurity #Security #InfoSec #AppSec #ProdSec #OTsecurity [lisi]

4/4

1 1 0 0

Darren Meyer

@darrenpmeyer.bsky.social

1 year ago

Endor Labs made the #Cyber60 List, again! 🎉 Always appreciate recognition of our ability to solve real problems in #AppSec from organizations like Fortune and Lightspeed

Get the report PDF with the full list direct from Lightspeed at https://buff.ly/48AmuzG

#ProdSec #SCA #FortuneCyber60

2 0 0 0

Posts tagged #prodsec