SQL statements are just one-shot prompts from the 70s
I've completely switched from feeling a little twinge when reaching my Claude session limit to increasingly anxious that I'm not going quickly enough to get shut off and am leaving cycles on the table
On the long road to agentic systems, MCP tools are a well-lit highway rest stop, almost universally needed but still maybe not where you wanna linger too long
It's funny to me that LLMs can perform better when given better English, when the reason many folks use LLMs is to minimize or eliminate the exercise of good writing
Agentic AI = nobody uses your web/mobile apps except when there is no other choice, which puts those UI assets in the same category as fax machines and paper contracts
Hard to admit but my #1 superpower is actually having failed so much, in so many different ways, and at different levels of scale, that I can sense failure in teams in real time as a physical sensation, the way dogs start barking before an earthquake
So much of "prompt engineering" is what we used to just call "being a good manager" and you might not really grok that without having managed a midsize team at some point in your career
I believe my marketing/events team would recognize this as my writing process
We're going to #apidays NYC! Our VP of Eng.,
@robfromboulder.bsky.social, will be speaking there, as well.
See us in NYC May 14-15 to talk #APIsecurity, #SIEM, & more. Or just to hang & get #Graylog swag!
www.apidays.global/new-york/ #APIs #cybersecurity #API #APIdaysNY #Graylog
Unmanaged #APIs create #security blindspots. And, as orgs build out their application ecosystems, the number of APIs integrated into IT environments expands - which can easily overwhelm security teams.
Enter... API discovery. Learn more.
graylog.org/post/why-api... #cybersecurity
Table 1: Top 15 Routinely Exploited Vulnerabilities in 2023
- SQL injection
- Code injection
- Command injection
Fact: ORMs aren't a magic bullet for SQL injection. Misusing the API or vulnerabilities in the library itself can still cause problems.
I've seen it already with TypeORM and with Sequelize.
#APIsecurity incidents were at an all-time high in 2024.
With increasing #cyberattacks driven by #AI & automation, #security teams must have a strategy that emphasizes monitoring firewalls, gateways, etc. but also works towards detecting API data exfiltration.
www.itprotoday.com/vulnerabilit...
omg 🤦🏻‍♂️
The obvious question is whether this would actually be enforced…but imho establishing a federal standard of care for privacy is worth it either way
Need a reference guide for the Syslog protocol? We've got you covered!
#Syslog is a logging protocol that is supported across many applications as well as hardware, and despite having been developed in the 1980s is still a very common format in use today. graylog.org/post/syslog-... #cybersec
Watch and wait and enjoy sports and hope that a national moment of realization obtains, gotcha
Just today have seen multiple phishing attempts offering "help" accessing frozen government funds and benefits
This is a really big deal about protecting critical infrastructure.
If any adversary takes down your water supply, you got a problem.
#CyberCivilDefense #take9
Every day we're all for-real under threat of cyber attacks, that's seriously scary.
Good news is there's something we can all do to thwart these dangers.
Here's a start: just pause and #Take9 seconds before you click, download, or share.
Follow @pausetake9 for more!
#CyberCivilDefense
Not all orgs need heavy-hitting data pipeline management tools. Complex tools create extra work & require more skills. Simple ones won't give you the data you need. You need the "just right" tool.
Learn more about data pipelines & their benefits for security telemetry. graylog.org/post/using-d...
CISA director says threat hunters spotted Salt Typhoon on federal networks before telco compromises
It's been an awesome few days at the #Graylog company-wide get together in Charleston, SC. One highlight was our awards ceremony where we honored some particularly impactful team members.
Congrats on some amazing achievements & TY for being such great role models! #cybersecurity #infosec
Is Biden's 11th-hour EO on cybersecurity DOA?
"Given the timing right before a change in the administration, I can't help but think it's a bit of a Hail Mary designed to include everything possible and just see what sticks."
Hi #infosec, I wrote a blog about patching prioritization. CVE scores weren't meant to be the gold standard. Context from your runtime activity is an essential ingredient. And for those systems that can't/won't be patched, you need monitoring in place. graylog.org/post/why-pat...
I love the annual tradition of @lorenzofb.bsky.social @zackwhittaker.bsky.social and @carlypage.bsky.social highlighting the best cybersecurity stories (and, in quite a few cases, thorough investigations) that other people wrote techcrunch.com/2024/12/24/t...
Let's talk about #APIsecurity. As orgs integrate more applications, they add more #APIs, making API #security both more important and more challenging.
Do you need help with API security? We've got you covered! Learn more.
graylog.org/post/what-is... #cybersecurity #infosec