Latest
05
Jul
LiteLLM Security: Your AI Gateway Is a Secrets Manager. Benchmark It Like One
July 2026
An AI gateway is a secrets manager wearing a router's clothes. LiteLLM, the most widely adopted
7 min read
05
Jul
External Attack Surface Management: Seeing What Attackers Already See
July 2026
For years, security ran on a simple mental model: build the walls high, dig the moat deep, and
13 min read
03
Jul
Your AI Coding Assistant's Config Folder Is a Persistence Surface
Supply-chain malware started writing into the config files your coding agent reads on every run. Nothing in the usual toolchain is watching that surface.
10 min read
01
Jul
The EU AI Act Lands on Your Codebase, Not Just Your Legal Team
July 2026
The EU AI Act describes engineering work. Risk management, logging, human oversight, resilience against attackers: these are build
6 min read
23
Jun
What Is Scanning My Server? An Internet Scanner Reference
You found a line in your logs you do not recognise. CensysInspect, Shodan-Pull/1.0, visionheight.com/scan, a
8 min read
21
Jun
Quantum Is Breaking Your Cryptography. The Question Is When It Matters.
June 2026
You can settle your organisation's quantum exposure in three numbers, without guessing when a quantum computer
9 min read
20
Jun
The Agent Control Plane: Security's Third Sprawl
June 2026
Every major platform vendor is shipping an agent control plane this year, and most of them are selling
9 min read
20
Jun
Claude Code Security Review: CodeGuard vs the Built-in Tools
June 2026
Claude Code can review your code for security flaws. Type /security-review and it scans your project for
6 min read
24
May
What is a JA3 Fingerprint? How TLS Client Fingerprinting Works
Recognise the software behind any encrypted connection from its TLS handshake alone. How JA3 fingerprinting works, how to read one, and what a single hash reveals about shared attacker tooling.
7 min read
23
May
AndroxGh0st and the limits of TLS fingerprinting
May 2026
The same scanner toolkit AWS attributed to Interlock ransomware in March 2026 also runs AndroxGh0st credential theft and
11 min read