Uncle Joe
@sydseter.com
Co-leader OWASP Cornucopia. If you like what we do for open source, visit our code repository https://github.com/OWASP/cornucopia and give us a star ⭐

🌈 «Difference is of the essence of humanity» 🦄 – John Hume

#appsec #owasp #cornucopia #threatmodeling
Did you know that according to ISO 27001, 8.28 Secure coding, pair programming, refactoring, and test-driven development are considered to be secure coding practices?
Next time someone asks, shh, just let it happen!
November 7, 2025 at 8:25 AM
OWASP Top 10 2025 is going live now at owasp.org/Top10/

New is:

A03:2025 Software Supply Chain Failures

and…

A10:2025 Mishandling of Exceptional Conditions

The last one based on assessments done with OWASP SAMM core team members. I can take no credit here whatsoever. Congratulations!
November 6, 2025 at 7:02 PM
Games aren't just for fun, they're essential for our survival.
We often think of playing and gaming as unique to humans, but research shows otherwise. All animals with a brain play, even bumblebees.
These nine panels show the sequence of a ball-rolling action, lasting, in this instance, ca.4s. (1/4)
November 6, 2025 at 5:17 PM
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary, and is always REQUIRED!

You don’t need to ask for consent until the user says yes repeatedly. I know that means you may not get lucky, but it’s an excellent way to ensure you keep your friendships.
November 4, 2025 at 7:07 AM
I am so tired of explaining to people about privacy and cookies, so here is an allegory for you.

As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary and is always REQUIRED!
November 3, 2025 at 4:01 PM
Consult with your physician
October 31, 2025 at 6:13 AM
Don’t get too addicted to those pills. Do it on weekends when it’s fun.
October 31, 2025 at 6:08 AM
I am very happy to be given the opportunity to judge all the fantastic entries in this year’s CyberSec Games competition together with my fellow judges. Oh boy, has it been a tough choice. I am also very happy to say that we’ve had no information leaks yet, but stay tuned for the announcement!
October 28, 2025 at 7:02 AM
In a recent investigation it was found that doctors would find less cancer when trusting the AI to do the work. www.thelancet.com/journals/lan...

Why? Because they trusted the AI more than their own skills. Let's be honest…
August 20, 2025 at 5:02 AM
These new supplementary guidelines are so privacy hostile that they basically fall under the same category as surveillance. It only applies to Meta Horizon, but the ability these «safety specialists» have to spy on you now gives them the same abilities as the secret police had in Germany.
August 15, 2025 at 5:14 AM
Careful though! This rogue is very acquisitive of good ideas and will endlessly sling them about (with magical accuracy). Expect a fearless advocate on your team if you impress me!
August 7, 2025 at 8:06 AM
We’re not saying you have to be a D&D fan to win our gaming competition, but it might help to know there are fans on the panel*. Klaus Agnoletti is our second judge with an interest in this classic game – co-creator of the Malware and Monsters experiences at DEF CON
August 2, 2025 at 11:15 AM
Fancy yourself a dragon slayer? Or a dungeon master? You might want an introduction to Stanley Harris - our first judge in the CyberSec Game Challenge 2025.

A devoted Dungeons & Dragons fan, Stanley Harris is working to inspire security champions to come together and join in an epic quest!
August 2, 2025 at 11:09 AM
Great experiment. When reaching a certain size I couldn’t really fall down and the game froze on level 37. You and your daughter did a great job. Me and my kids can’t wait for the next version!
July 14, 2025 at 12:16 PM
We just had our 5th minor release in one year. Just wait for what comes next. This is what we have done over the last 13 months. If you like what we do for open source, visit our code repository github.com/OWASP/cornuc... and give us a star ⭐️
July 1, 2025 at 6:26 AM
How do you get started with continuous threat modeling using gamification?
For threat modeling AI, start here: dev.to/owasp/threat...
For threat modeling the cloud, start here: dev.to/owasp/no-nee...

#owasp #appsec #cloud #ai #threatmodeling #games
June 26, 2025 at 2:15 PM
If you think that technical debt is scary, wait until you get to see your security debt. Don't let the hacker penetrate your doors and locks. Start with continuous threat modeling at copi.owasp.org
How? Read all about it and how to threat model the cloud at: dev.to/owasp/no-nee...
June 26, 2025 at 10:03 AM