"Threat Modeling: Designing for Security" is an excellent book by @adamshostack.bsky.social that begins with an introductory perspective and gradually builds toward more complex concepts, supported by real-world examples. Overall, a well written, enjoyable read.
kbala97.github.io/CyberTechHea...
Creates the number 1 Threat Modeling company focused on secure by design!
The very best reporting and investigative journalism from our friends at other publications.
I had the pleasure and good fortune of collaborating with Jon on a board of a company. I have no doubt Jon will continue to influence our world!!
Cloudflareβs outage root cause is well explained here:
Prince (CEO) explained that a feature file doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network.β
arstechnica.com/tech-policy/...
OWASPβs 2025 Wake-Up Call: Why Broken Access Control Still Haunts Web Security
November 18, 2025
OWASPβs 2025 findings show broken access control remains one of the most persistent and damaging web security problems.
kbala97.github.io/CyberTechHea...
The Security Vulnerabilities to Watch For When Youβre Vibe Coding:
This article discusses common security vulnerabilities developers should be aware of when βvibe codingββcoding quickly without strict adherence to best practices. @harryguinness.bsky.social
kbala97.github.io/CyberTechHea...
Separating AI Hope from AI Hype:
If you believe the hype, AI will soon take all our jobs, or solve all our problems, or destroy all boundaries between reality and lies. This brilliant podcast by @randomwalker.bsky.social Arvind Narayanan will help sort that out.
kbala97.github.io/CyberTechHea...
Why Good Security Fails: The Asymmetry of InfoSec Investment
A paradox of security is that when you have invested appropriately and have less incidents, someone will ask: βWhy are we spending on security when we donβt have any issues?"
@philvenables.bsky.social
kbala97.github.io/CyberTechHea...
The Art of Selling as an Engineer: What Does a Solutions Architect Do?
A great podcast to learn about what a βSolutions Architectβ does and brings value! As always, a great podcast from Daliani Liu.
kbala97.github.io/CyberTechHea...
What are AI Foundational Models?
The current wave in AI is replacing task-specific models with those that are trained on a broad set of unlabeled data that can be used for different tasks, with minimal fine-tuning.
kbala97.github.io/CyberTechHea...
AI Tools Make development Slower for Senior Open-Source Developers: AI tools take 19% longer to complete tasks compared to those working without AI assistance. A lot of nuances to this very interesting study.
kbala97.github.io/CyberTechHea...
Input Validation Vulnerabilities Dominate MITREβs 2024 CWE Top 25 List
kbala97.github.io/CyberTechHea...
A year after the CrowdStrike incident spawned BSODs across the world, in July, Microsoft will roll out its Windows endpoint security platform to allow Windows solutions to run outside the kernel, hopefully eliminating the chance of such an incident again.
redmondmag.com/articles/202...
Finished reading a great book by Brook Shoenfield on "Threat Modeling" to secure systems early during the design phase and Shifting-Left on cybersecurity in the product lifecycle.
kbala97.github.io/CyberTechHea...
How NAT works?
#Cybersecurity attack vectors.
Good to know:
Privacy advocates have long advocated using end-to-end encrypted apps. Signal and WhatsApp automatically implement end-to-end encryption in both calls and messages. Google Messages and iMessage also can encrypt calls and texts end to end
Love the simple graphic!
Super creative!
