artais.bsky.social
Scanners miss real TLS/PKI issues that clients encounter, like incomplete chains and trust path errors. We break down why this happens and how to test properly in practice.

Read the full post: artais.io/blog/tlspki-...

#PKI #TLS #AppSec #Pentest #infosec
TLS/PKI Testing in Practice: What Scanners Miss — ARTAIS
Automated scanners can't catch every TLS or PKI flaw, especially those that only appear in real-world client scenarios. In this post, we break down why common tools fall short and how practical, clien...
artais.io
January 14, 2026 at 10:04 PM
From the Blue: Focused Hunts has made a scroll-breaker 𝗴𝗮𝗺𝗲 where you help 𝘀𝘁𝗼𝗽 𝗮𝗻 𝗮𝗰𝘁𝗶𝘃𝗲 𝘁𝗵𝗿𝗲𝗮𝘁.

Real decisions, real-time pressure, simple score at the end. Takes about 𝟯-𝟱 𝗺𝗶𝗻𝘂𝘁𝗲𝘀 𝗽𝗲𝗿 𝘀𝘁𝗼𝗿𝘆. You'll get a score at the end.

#threathunting

lnkd.in/gkpNBjie
A small gift to start the 𝗻𝗲𝘄 𝘆𝗲𝗮𝗿: we made a scroll-breaker 𝗴𝗮𝗺𝗲 where you help 𝘀𝘁𝗼𝗽 𝗮𝗻 𝗮𝗰𝘁𝗶𝘃𝗲 𝘁𝗵𝗿𝗲𝗮𝘁. 🎯 Real decisions, real-time pressure, simple score at the… | Focused Hunts
www.linkedin.com
January 12, 2026 at 11:31 PM
Not all web vuln findings need to be critical to be valuable. We break down how low-risk issues at scale can improve security posture.

Read more: artais.io/blog/informa...

#AppSec #WebSecurity
Informational and Low-Risk Web Findings at Scale: Headers, Cookies, and 'Quick Wins' Done Rigorously — ARTAIS
Passive web findings (headers, cookies, CSP, CORS) are often dismissed as “low severity noise.” Done rigorously, they’re a scalable way to surface real risk, reduce false positives, and turn scanner o...
artais.io
January 12, 2026 at 11:27 PM
Shipping AI without threat modeling is just automating risk. Prompt injection, model abuse, data exfil; same attacker mindset, new surface area. Secure the pipeline, not just the model.
#AISecurity #LLMSecurity #AppSec #OffensiveSecurity
January 2, 2026 at 9:16 PM
AI doesn’t remove risk—it accelerates it. Prompt injection, data leakage, model abuse. Treat LLMs like hostile input processors, not magic boxes. Threat model your AI.
#AISecurity #AppSec #LLMSecurity #DevSecOps
December 26, 2025 at 4:28 PM
View from the blue: Pro-Russia hacktivists are abusing exposed OT VNC to hit critical infrastructure. Downtime, disruption, danger. Lock down remote access, segment networks, monitor VNC, and hunt brute force activity. #CyberSecurity #OT #ThreatHunting

www.focusedhunts.com/blog/hunting...
Hunting Pro-Russia Hacktivists Targeting OT VNC | Focused Hunts
Learn how to detect and defend against opportunistic Pro-Russia hacktivists (CARR, Z-Pentest) exploiting exposed OT VNC connections in critical infrastructure.
www.focusedhunts.com
December 12, 2025 at 3:09 PM
AI will replace pen testers? With controls like Anthropic's Constitutional Classifiers blocking testing techniques . . . not so sure anymore. #cybersecurity #pentesting #AI
December 11, 2025 at 5:35 PM
From a red-team lens React2Shell is ideal: pre-auth RCE over the same Flight channel your app already trusts, no noisy SQLi/XSS patterns, mostly “normal” POSTs. If your logs don't parse RSC/Flight requests by size, shape, errors, and headers, you'll just see exploit traffic as more UI churn.
December 9, 2025 at 6:25 PM
Fortinet FortiWeb WAFs are in the news again with CVE-2025-64446 and CVE-2025-58034. If your WAF shows up in the KEV list, it belongs in threat models, log review, and red team scope, not just in the change window. #OffSec #AppSec #Fortinet
December 3, 2025 at 9:34 PM
The FCC just rolled back key telecom cybersecurity rules. Artais breaks down what this means for enterprise risk and the steps teams should take now to stay protected.

artais.io/blog/reality...
Reality Check: What the FCC Telecom Cybersecurity Rollback Means for Enterprise Security — ARTAIS
The FCC voted on November 20, 2025 to eliminate federal cybersecurity requirements for telecom carriers, removing mandatory risk management plans, certifications, and protections against unauthorized ...
artais.io
December 2, 2025 at 1:30 AM