Securely Built
@securelybuilt.bsky.social
Securely Built is on the hunt for insecurity in the world where we can leverage our decades of experience in cyber and engineering to banish insecure technology from whence it came. Find out more at: securelybuilt.com
New #book release on #threatmodeling. See link below:
October 31, 2025 at 3:50 PM
New #book release on #threatmodeling. See link below:
October 29, 2025 at 2:32 PM
While I'm bummed that Sir David Attenborough didn't narrate this, I'm thrilled to announce that this book has been provided in audio format!
You can use the "laappsec40" code at checkout to get 40%
Learn everything from tooling and pipeline development to setting up a #security program.
#appsec
You can use the "laappsec40" code at checkout to get 40%
Learn everything from tooling and pipeline development to setting up a #security program.
#appsec
September 11, 2025 at 10:50 AM
Today's job market.
August 26, 2025 at 11:10 AM
Today's job market.
July 23, 2025 at 1:56 PM
If you're in the Nashville area, consider attending the ISSA InfoSec Nashville conference on September 22-23!
I'll be presenting on how AI agents can reshape the way security teams manage their threat surface.
I'll be presenting on how AI agents can reshape the way security teams manage their threat surface.
July 21, 2025 at 12:46 PM
If you're in the Nashville area, consider attending the ISSA InfoSec Nashville conference on September 22-23!
I'll be presenting on how AI agents can reshape the way security teams manage their threat surface.
I'll be presenting on how AI agents can reshape the way security teams manage their threat surface.
Representing at Boardwalk Bytes in Atlantic City!
July 11, 2025 at 5:41 PM
Representing at Boardwalk Bytes in Atlantic City!
🚨 First zero-click AI agent attack discovered: "EchoLeak" hijacked Microsoft 365 Copilot via email with hidden instructions. No user interaction needed. Same design flaw from 1990s software - AI can't separate instructions from data. We're repeating history 🤖 #AISeсurity
www.msn.com/en-us/news/t...
www.msn.com/en-us/news/t...
June 12, 2025 at 1:42 PM
🚨 First zero-click AI agent attack discovered: "EchoLeak" hijacked Microsoft 365 Copilot via email with hidden instructions. No user interaction needed. Same design flaw from 1990s software - AI can't separate instructions from data. We're repeating history 🤖 #AISeсurity
www.msn.com/en-us/news/t...
www.msn.com/en-us/news/t...
May 21, 2025 at 10:12 PM
Remember, nothing is free!
May 14, 2025 at 11:45 PM
Remember, nothing is free!
Busiest month in a LONG time:
Had the pleasure of moderating a panel SecureWorld!
Went to Dallas for the WiCyS conference and managed to sneak out to Deep Ellum for BBQ.
Ran a 5.5 hours of pure pain-in-the-rain Spartan!
Spoke at RSA Conference on some of the challenges with getting hired in.
Had the pleasure of moderating a panel SecureWorld!
Went to Dallas for the WiCyS conference and managed to sneak out to Deep Ellum for BBQ.
Ran a 5.5 hours of pure pain-in-the-rain Spartan!
Spoke at RSA Conference on some of the challenges with getting hired in.
May 6, 2025 at 4:39 PM
Busiest month in a LONG time:
Had the pleasure of moderating a panel SecureWorld!
Went to Dallas for the WiCyS conference and managed to sneak out to Deep Ellum for BBQ.
Ran a 5.5 hours of pure pain-in-the-rain Spartan!
Spoke at RSA Conference on some of the challenges with getting hired in.
Had the pleasure of moderating a panel SecureWorld!
Went to Dallas for the WiCyS conference and managed to sneak out to Deep Ellum for BBQ.
Ran a 5.5 hours of pure pain-in-the-rain Spartan!
Spoke at RSA Conference on some of the challenges with getting hired in.
Check out this article on a recent vulnerability discovered with coding agents.
securelybuilt.substack.com/p/double-age...
#ai #appsec #cybersecurity #softwaredevelopment
securelybuilt.substack.com/p/double-age...
#ai #appsec #cybersecurity #softwaredevelopment
April 25, 2025 at 12:15 AM
Check out this article on a recent vulnerability discovered with coding agents.
securelybuilt.substack.com/p/double-age...
#ai #appsec #cybersecurity #softwaredevelopment
securelybuilt.substack.com/p/double-age...
#ai #appsec #cybersecurity #softwaredevelopment
Remember....saying "thank you" is only appropriate in certain circumstances, and definitely not when it "costs millions of dollars" to say it.
"Recent report suggests that even a short three-word "You are welcome" response from an LLM uses up roughly 40-50 milliliters of water."
#ai #thankyou
"Recent report suggests that even a short three-word "You are welcome" response from an LLM uses up roughly 40-50 milliliters of water."
#ai #thankyou
April 21, 2025 at 10:55 PM
April 15, 2025 at 9:57 PM
Wasn't that long ago that 23andMe suffered a data breach that led to a class action suit.
The class action suit that followed the breach was a whopping 30million. Perhaps peanuts to larger organizations, but ones that aren't turning a profit as it is are not going to survive.
#databreach
The class action suit that followed the breach was a whopping 30million. Perhaps peanuts to larger organizations, but ones that aren't turning a profit as it is are not going to survive.
#databreach
March 28, 2025 at 12:46 PM
Wasn't that long ago that 23andMe suffered a data breach that led to a class action suit.
The class action suit that followed the breach was a whopping 30million. Perhaps peanuts to larger organizations, but ones that aren't turning a profit as it is are not going to survive.
#databreach
The class action suit that followed the breach was a whopping 30million. Perhaps peanuts to larger organizations, but ones that aren't turning a profit as it is are not going to survive.
#databreach
March 18, 2025 at 12:23 AM
Cybersecurity careers don’t follow a single, well-defined route.
If you're looking to break into cybersecurity—or hiring for it—check out this article on the challenges facing both entry-level folks and hiring teams.
securelybuilt.substack.com/p/the-myth-o...
#CyberSecurity #CareerPath
If you're looking to break into cybersecurity—or hiring for it—check out this article on the challenges facing both entry-level folks and hiring teams.
securelybuilt.substack.com/p/the-myth-o...
#CyberSecurity #CareerPath
March 16, 2025 at 11:32 PM
Cybersecurity careers don’t follow a single, well-defined route.
If you're looking to break into cybersecurity—or hiring for it—check out this article on the challenges facing both entry-level folks and hiring teams.
securelybuilt.substack.com/p/the-myth-o...
#CyberSecurity #CareerPath
If you're looking to break into cybersecurity—or hiring for it—check out this article on the challenges facing both entry-level folks and hiring teams.
securelybuilt.substack.com/p/the-myth-o...
#CyberSecurity #CareerPath
Manning Publishing is currently running a St. Patrick's Day sale where you can get many of their titles half-off. Even better news, you can grab the "Application Security Program Handbook" as part of this deal and elevate your #appsec knowledge!
#books #weekendreading #sale #stpatrick
#books #weekendreading #sale #stpatrick
March 15, 2025 at 6:34 PM
Manning Publishing is currently running a St. Patrick's Day sale where you can get many of their titles half-off. Even better news, you can grab the "Application Security Program Handbook" as part of this deal and elevate your #appsec knowledge!
#books #weekendreading #sale #stpatrick
#books #weekendreading #sale #stpatrick
Hang in there....it's almost Friday!
March 13, 2025 at 2:20 PM
Hang in there....it's almost Friday!
Getting hired in cyber is impossible. But it shouldn't lead to these statistics from Forbes (2023):
70% of workers admit to resume falsification; 37% say they do it frequently
76% have lied in cover letters, with 50% doing so regularly
more below....
70% of workers admit to resume falsification; 37% say they do it frequently
76% have lied in cover letters, with 50% doing so regularly
more below....
March 12, 2025 at 6:29 PM
Getting hired in cyber is impossible. But it shouldn't lead to these statistics from Forbes (2023):
70% of workers admit to resume falsification; 37% say they do it frequently
76% have lied in cover letters, with 50% doing so regularly
more below....
70% of workers admit to resume falsification; 37% say they do it frequently
76% have lied in cover letters, with 50% doing so regularly
more below....
Cybersecurity is hard.
Even for the ~1.2 millions cybersecurity workers currently in the field.
Now imagine that you don't have an advanced degree in technology or all the fancy certs in cyber.
Parents struggle to keep their kids safe online, even those with those fancy certs!
#cybersafety
Even for the ~1.2 millions cybersecurity workers currently in the field.
Now imagine that you don't have an advanced degree in technology or all the fancy certs in cyber.
Parents struggle to keep their kids safe online, even those with those fancy certs!
#cybersafety
March 10, 2025 at 4:48 PM
Cybersecurity is hard.
Even for the ~1.2 millions cybersecurity workers currently in the field.
Now imagine that you don't have an advanced degree in technology or all the fancy certs in cyber.
Parents struggle to keep their kids safe online, even those with those fancy certs!
#cybersafety
Even for the ~1.2 millions cybersecurity workers currently in the field.
Now imagine that you don't have an advanced degree in technology or all the fancy certs in cyber.
Parents struggle to keep their kids safe online, even those with those fancy certs!
#cybersafety
Perhaps this is many of the people trying to enter the #cybersecurity space?
March 8, 2025 at 6:39 PM
Perhaps this is many of the people trying to enter the #cybersecurity space?
The latest CybersecurityHQ Cyber Threat Intelligence Heat Map for March 2025 reveals a stark reality: cybersecurity threats have escalated beyond IT concerns and are endangering national security, financial stability, and global commerce.
March 7, 2025 at 1:33 PM
The latest CybersecurityHQ Cyber Threat Intelligence Heat Map for March 2025 reveals a stark reality: cybersecurity threats have escalated beyond IT concerns and are endangering national security, financial stability, and global commerce.