Allie Mellen

My new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, is available for pre-order now! ⬇️ ⬇️ ⬇️

Pre-order it here: bit.ly/4aJj2Ep

Code War: How Nations Hack, Spy, and Shape the Digital Battlefield <p><b>An incisive exploration of how cyberattacks are transforming geopolitics</b></p> <p>Cyberattacks are the ultimate geopolitical weapon of the 21st century. They are used to damage presidential c...

When I began writing Code War, I didn’t imagine just how timely its lessons would be. Because of this, I'm opening up my calendar for book signings, keynotes, fireside chats, etc.

If you’re hosting an event, let’s make it unforgettable. DM me! 📩

www.wiley.com/en-us/Code+W...

Timeline: How the Shooting of Alex Jeffrey Pretti Unfolded A moment-by-moment analysis of video from the scene shows that Mr. Pretti was already restrained when fatal shots were fired, which appears to contradict the federal government’s account of the event.

He was restrained. He had not pulled a weapon. They shot him ten times. www.nytimes.com/interactive/...

ICE detainee passes away at Georgia’s Robert A. Deyton Detention Center On Jan. 14, 2025, Heber Sanchaz Domínguez, a 34-year-old Mexican national, passed away while in U.S. Immigration and Customs Enforcement custody at the Robert A. Deyton Detention Center. He was pronou...

ICE confirms 5th in-custody death of 2026.

www.ice.gov/news/release...

Code War: How Nations Hack, Spy, and Shape the Digital Battlefield Code War: How Nations Hack, Spy, and Shape the Digital Battlefield [Mellen, Allie] on Amazon.com. *FREE* shipping on qualifying offers. Code War: How Nations Hack, Spy, and Shape the Digital Battlefield

I have some big news: I wrote my first book! And it's available for preorder! 🙈

If you want to wish me a happy holiday this season, PLEASE preorder it!

Preorder it here:
www.amazon.com/-/es/Code-Wa...

www.barnesandnoble.com/w/code-war-a...

CrowdStrike Researchers Identify Hidden Vulnerabilities in AI-Coded Software CrowdStrike researchers reveal how trigger words cause DeepSeek-R1 to generate vulnerable code—exposing new AI-driven risks in software development.

"For example, when telling DeepSeek-R1 that it was coding for an industrial control system based in Tibet, the likelihood of it generating code with severe vulnerabilities increased to 27.2%." if you're considering using DeepSeek, read this @crowdstrike.com www.crowdstrike.com/en-us/blog/c...

Breaking: The FCC has voted 2-1 along party lines to eliminate cybersecurity requirements for telecom companies that the commission adopted at the end of the Biden administration.

Telecoms had lobbied for the change. Democrats said it would invite another Salt Typhoon.

Story coming shortly.

How did CrowdStrike’s outage impact IT teams? The impacts of last year’s CrowdStrike disruption from IT pros who experienced it.

great piece in ITBrew by Billy Hurley, looking back a year later - www.itbrew.com/stories/2025...

Gold Rush Or Fool’s Gold? How To Evaluate Security Tools’ Generative AI Claims Generative AI features and products for security are gaining significant traction in the market. Knowing how to evaluate them, however, remains a mystery. What makes a good AI feature? How do we know ...

Sometimes, GenAI features are useful. Others are useless, and worse, sometimes just wrong. 😾

When software is non-deterministic, we need new ways to evaluate its utility, the trust we should put in it, and how we should plan to pay for it. Read more:

www.forrester.com/blogs/gold-r...

There are big differences between invoking AI in an application, building an AI agent, and building an agentic system.

These terms are being conflated, and it’s confusing the market at a time when we ALL need to understand this stuff. Read our explainer:

www.forrester.com/blogs/your-t...

💥 SURVEY REMINDER: If you have not filled out our research survey on how generative AI is and will be used in security tools, PLEASE DO SO!! 💥

Deadline is THIS FRIDAY!!

forrester.co1.qualtrics.com/jfe/form/SV_...

HR giant Workday says hackers stole personal data in recent breach | TechCrunch The HR tech giant said it had no indication of any unauthorized access to customer systems, but has not ruled out a breach affecting customers' personal information.

New: Workday disclosed a data breach affecting a third-party customer database, likely Salesforce.

Workday hasn't explicitly ruled out a breach of customer info, but says the data includes contact information.

(FYI, Workday has hidden its breach notice from search engines using "noindex" code.)

🚨HELP our latest Generative AI in security tools research! 🚨

VENDORS, complete this survey!

PRACTITIONERS, if you are building genAI tools for your team or using them and want to tell us about it, message me!

forrester.co1.qualtrics.com/jfe/form/SV_bQ…

Just had another great conversation with @cloudsecuritypod.bsky.social !! Stay tuned for when it drops

Drowning In Security Data Costs? You Get A Data Lake Get tips on how data lakes can help manage growing data costs in the security information and event management (SIEM) system.

@microsoft.com announced two new features in Sentinel today.

1) Data Lake for low-cost, long-term storage to help manage Sentinel costs

2) MDTI will be included in Sentinel and Defender XDR at no additional cost later this year

Read more - www.forrester.com/blogs/drowni...

Announcing The Forrester Wave™: Security Analytics Platforms, 2025 – The SIEM Vs XDR Fight Intensifies The Forrester Wave™: Security Analytics Platforms, Q2 2025 published today and illustrates the dramatic changes this market is undergoing as legacy SIEM vendors are locked in heated competition with s...

I'm very excited to announce that the Forrester Wave: Security Analytics Platforms 2025 is now LIVE! 💥 💥 💥

Read the blog (and the full report!) here: www.forrester.com/blogs/announ...

Is the future of the SOC autonomous? A Q&A with Forrester's Allie Mellen | Tines Allie Mellen, Principal Analyst at Forrester Research, answers follow-up questions on the future of SOC automation and the role of genAI.

Is the SOC of the future autonomous?

That’s the question we tackled with Tines CEO Eoin Hinchy and guest speaker Forrester’s @hackerxbella.bsky.social in a recent webinar - and the discussion didn’t stop there.

Read our follow-up Q&A:
www.tines.com/blog/autonom...

Protecting your privacy goes hand in hand with protecting encryption Don't willingly take the locks off your house.

Today on the latest breach: the Florida bill failed to pass, but encryption is still under attack. Here's why we need to protect it (for your own privacy!):
open.substack.com/pub/hackerxb...

💯

Don’t Call It A Comeback: Stay Ready For Ransomware According to Forrester’s 2024 Security Survey, 25% of CISOs cite preventing and protecting against ransomware as a top strategic priority for their organization. To do this, security leaders, their te...

@hackerxbella.bsky.social and I just published a new decision tool designed for security leaders and their teams to aid in the perpetual fight against ransomware. Check out our latest blog for more! www.forrester.com/blogs/dont-c...

Forrester’s Top Threats For 2025 2025 started with a bang! Technology and geopolitics are changing faster than many can keep track. There’s an announcement of a new, benchmark-shattering generative AI seemingly every week. Planned jo...

We just released our latest research: Top Cybersecurity Threats for 2025!

Read the blog and full report for more info on these threats and what to do about it: www.forrester.com/blogs/forres...

Thank you so much

On The Latest Breach: stand up for other Americans. @thekrebscycle.bsky.social is not a bad faith actor, he's a patriot.

hackerxbella.substack.com/p/chris-kreb...

Generative AI Innovation In Security Tools Is Finally Getting Interesting Last week, I spoke at the C2 conference in London. The C2 conference is an invite-only threat intelligence conference run by the team at SE Labs. The core themes of the event were timely and provoked ...

Last week, I spoke at the C2 conf on genAI in security tools. 🤖

The themes of the event were timely and provoked interesting discussion: artificial intelligence, supply chain security, and cyber hygiene. Read my thoughts on each in my latest blog -

www.forrester.com/blogs/genera...

TikTok is about to get banned...again? Plus, elected representatives sloppily risk American lives in SignalGate

Here's why the TikTok ban is a mistake.

hackerxbella.substack.com/p/tiktok-is-...

Attributing cyberattacks to a specific actor is harder than it looks Patience is a virtue and can prevent an international incident

new latest breach is out! this week on attribution hackerxbella.substack.com/p/attributin...

Teaser: The Cybersecurity Exodus Problem YouTube video by ITSPmagazine

Security tools claim high detection rates, but what’s the real cost? Let's unpack the latest @attack.mitre.org Evaluations, why alert volume matters, and how detection engineering improves security outcomes.

🎧 youtu.be/tE1SFwo_jEw

#Cybersecurity #MITREATTACK #SecurityOps @hackerxbella.bsky.social

thanks Sean!

Cybersecurity’s Latest Buzzword Has Arrived: What Agentic AI Is And Isn’t Cybersecurity vendors have come out of the woodwork in the past few months to announce their “agentic AI” innovations. These include vendors like Swimlane, ReliaQuest, Dropzone AI, Intezer, and others...

The Blob strikes again! The latest cybersecurity buzzword? Agentic AI 🤖

Read how @forrester defines agentic AI and how it will apply to security teams here:

www.forrester.com/blogs/cybers...