AI Security Protecting Against Data Leaks in LLM-Powered Chatbots and Conversational AI As Large Language Models (LLMs) become deeply integrated into customer-facing chatbots and internal conversational AI systems, a critical security challenge has emerged: data leakage. Organizations are discovering that these powerful AI assistants can inadvertently expose sensitive information, proprietary data, and confidential business logic. In this post, we'll explore the risks,
cybersecurity OpenClaw: When AI Agents Go Wild A Cybersecurity Nightmare The viral AI assistant everyone's installing is a masterclass in what happens when convenience trumps security TL;DR OpenClaw (formerly Moltbot/Clawdbot) is an open-source AI agent that manages your email, calendar, WhatsApp, and more through chat interfaces. It's gone massively viral with 180,000+ developers adopting
AI Security The Basics of AI Agent Security The Basics of AI Agent Security Prompt injection is a fundamental, unsolved weakness in all LLMs. With prompt injection, certain types of untrustworthy strings or pieces of data can cause unintended consequences when passed into an AI agent's context window, like ignoring instructions and safety guidelines or executing unauthorized tasks.
security The Security Leader's Guide to Evaluating New Tools and Processes AI leaders are often in the position to have to evaluate new security tools without necesarily being embedded in the day to day use of that very tool. How do leaders not fall into analysis paralysis, or fall into shiny object syndrome? Over my years in consulting I've developed an
AI Detecting LLM writing in Text LLMs are harder and harder to detect in text, and detection vary between models. In this article I will explore a couple of easy and hard methods to find LLM generated text. This is not foolproof so please don't rely on it. Linguistic and Stylistic Recognition First, detecting AI-generated text
AI Security MCP Security Vulnerabilities: A Quick Weekend List The Model Context Protocol (MCP) is revolutionizing how AI agents interact with external tools, but this power comes with serious security implications that most organizations are overlooking. Here are 15 critical security issues with MCP - short and sweet so you can read it quickly.
Docker And Why It Adds False Security: A Deep Dive into Docker Risks and Fixes Docker has revolutionized the way we build, ship, and run applications by leveraging containerization. However, beneath its convenience lies a critical concern: if not secured properly, breaking out of a Docker container to gain access to the host system is alarmingly easy. This article explores why Docker containers can be
OWASP Understanding the OWASP Top 10 for LLMs: Risks and Controls Understanding the OWASP Top 10 for LLMs: Risks and Controls 1. Prompt Injection Prompt injection occurs when malicious inputs manipulate a Large Language Model (LLM) into executing unintended actions or revealing sensitive data. Attackers craft inputs that override the model’s instructions, potentially leading to data leaks or unauthorized actions.
AI The AI Revolution: Why Discernment is the Skill of Tomorrow The AI Revolution: Why Discernment is the Skill of Tomorrow Introduction In a world where artificial intelligence (AI) can write essays, design logos, compose music, and even debug code, the traditional markers of expertise are being redefined. Much like the rise of digital tools transformed industries in the past, AI
Harnessing AI for Shadow IT Discovery: A Technical Dive Harnessing AI for Shadow IT Discovery: A Technical Dive Shadow IT—those unauthorized applications and services employees use outside the purview of IT departments—poses a significant challenge for organizations. It can lead to security vulnerabilities, compliance issues, and operational inefficiencies. Discovering and managing these hidden tools is no small
AI Vibe Coding: A Security Minefield for Software Developers Let’s dive straight into the gritty reality of “vibe coding”—the practice of letting AI write code for you. It’s tempting, right? Tools like GitHub Copilot or ChatGPT spit out code in seconds, saving you hours of typing. But here’s the catch: this convenience can be a
Model Context Protocol: Building Secure Data Connections for AI Applications What is the Model Context Protocol (MCP)? The Model Context Protocol (MCP) is an open standard designed to create secure, bidirectional connections between data sources and AI applications. Instead of building custom integrations for each data source, MCP provides a standardized way for AI systems (clients) to access and interact
LLM Inference Sampling Methods Sampling methods in large language models are essential for fine-tuning the balance between accuracy and diversity in generated responses. Here’s a deeper dive into various sampling techniques—temperature sampling, top-K, top-P (nucleus sampling), min-P, and beam search—along with guidance on when to apply each. 1. Temperature SamplingTemperature adjusts
Detecting AI-Generated Images Using Entropy Analysis Professional researchers (and myself) have been exploring ways to distinguish AI-generated images from real ones every since they took over certain social media. In this blog post I present a way to detect AI-generated pixel images, by analyzing the randomness of each RGB channel using local entropy calculations. The Process
Mastering Risk Assessments: Leveraging CIA, STRIDE, and MITRE ATT&CK In my years working in cybersecurity, I've learned that thorough risk assessments are key to protecting a company's assets. Over time, I've put together a process that combines the CIA triad, STRIDE methodology, and the MITRE ATT&CK framework to cover all our bases. I start by looking at
Context-Dependent Sentence Detection in LLM Caching Pipelines Building an effective caching pipeline is extremely important to keep costs down and improve the user experience by lowering latency. However, we'll run into one pesky issue immediately: How do we determine which user prompts to cache, and which to ignore? For example: Say you have a user question "
Just-in-Time Coding: The Future of AI-Driven Software Development As an AI enthusiast and software developer, I've been closely following the rapid advancements in artificial intelligence and its potential impact on the world of computing. One concept that particularly excites me is what I call "just-in-time coding" – a future where code is generated on-demand, based on the
Building a Binary Classifier in Keras for Splunk Logs As a data scientist, I recently worked on a project where I needed to build a binary classifier to analyze Splunk logs. I decided to use Keras, a powerful and user-friendly deep learning library, to tackle this task. Here's how I went about creating a simple binary classifier in Keras
Top 10 OWASP Vulnerabilities and Python Scripts to Test Them Injection: Injection vulnerabilities occur when untrusted data is sent to an interpreter as part of a command or query. To test for injection vulnerabilities using Python, you can use the requests library to send payloads and analyze the responses. Here's an example script to test for SQL injection: import requests
The Crucial Role of Identity Management in Ensuring Business Continuity As a seasoned IT professional, I cannot stress enough the importance of a robust identity management program in maintaining business continuity. In today's digital landscape, where cyber threats loom large and data breaches can cripple organizations, implementing a comprehensive identity management solution is no longer a luxury but a necessity.
Leveraging the MITRE ATT&CK Framework for Effective Detection and Response The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework has become an essential tool for organizations looking to strengthen their cybersecurity posture. This comprehensive matrix provides a structured approach to understanding and defending against the various tactics, techniques, and procedures (TTPs) employed by adversaries. By mapping out
OWASP Risk Rating Methodology: A Guide to Web Security Assessment Introduction Web security is a critical concern for organizations of all sizes. The Open Web Application Security Project (OWASP) provides a comprehensive framework for assessing and mitigating web application security risks. The OWASP Risk Rating Methodology is a key component of this framework, enabling security professionals to prioritize and address
Selecting and Creating Detection Rules with Syslog and Splunk In today's cybersecurity landscape, effective detection rules are crucial for identifying and mitigating potential threats. Syslog, a standard protocol for logging system events, can be leveraged to create powerful detection rules. By ingesting these rules into Splunk, a leading security information and event management (SIEM) platform, organizations can enhance their
framework Detection & Response - Introduction What is Detection and Response?Detection and Response (not DR - Disaster Recovery) in cybersecurity refers to the basic processes and techniques used to detect and respond to cyber threats. Detection:Monitoring: Continuous monitoring of network and device activity to identify abnormal behavior.Log Management: Gathering and analyzing logs from
Detection & Response - Alert Deployment and Tuning This post is about log monitoring basics, including log deployment and tuning.
