Award Winning Top 10 Ranked CyberSecurity Podcast in US,UK and Aus. Learn Cloud Security in Public Cloud the unbiased way from CyberSecurity Host: @hashishrajan

Joined February 2019
MFA and SSO were built to prove who you are at login. They were never built to protect what happens after. Attackers don't need your password. They abuse the post-authentication material, the cookie, the token, and operate as you. @SpecterOps
Claude Code your SIEM gets you ~20% of the way to real detection engineering. The other 80%: data normalization, intelligence limits, and maintaining the whole system. The work isn't asking the question. It's testing and validating detections in your own context
Most teams think they have a few attack paths. The real number can run into the billions. Mark Wilson & Kay Daskalakis from the team behind Bloodhound @SpecterOps spoke to @hashishrajan about identity, agentic AI on old infrastructure, and why speed changes but context doesn't
Everyone's buying AISPM. Almost no one can stop an agent going off the rails. Full inventory. Total visibility. And no way to step in when the agent goes wrong. Posture is not prevention. @varonis #cloudsecurity #aisecurity
Your AI agents are unvetted employees. You didn't train them. You didn't vet them. And they act with your access. Rob's fix: apply the same controls you'd apply to a human. Vetting, training, limits. He vibe-coded agents himself. One went off the rails @Mimecast #aiagents
85% of your mission-critical apps run in a browser. That browser was built to monetize you. Not your business. SaaS apps. Sensitive data. IP. All running through a browser engineered to serve ads. @island_io
You can switch on AI tooling for your non-technical teams in an afternoon. The visibility you lose takes much longer to notice. That's modern third-party risk: the vendor isn't always outside your building anymore. @Lovable
Someone told Claude Code to find open S3 buckets in their AWS account. It tried. Failed. Tried again. Failed. Then reached for Prowler on its own, without being told to. Toni De La Fuente: AI isn't magic. When it hits its limits it looks for the right tool. @ToniBlyx
Most organisations have accepted by design that they're not covered. Not because they lack tools. Because the tools catch high and critical alerts. Most breaches don't hide there. They hide in the low- and no-signal events. #cloudsecurity #CISO
When a vendor ships a patch, they ship the blueprint of the vulnerability. AI reconstructs that blueprint and builds the exploit from it. CVE to exploitation: 1.5 years in 2020. Now under 24 hours. The patch isn't buying you the time you think. @EppSecurity @sysdig
10,000 identities. 22 million attack paths. Once an attacker is on your system they don't need your password. They don't need your MFA. They just ride your authentication. 30 years of trust model, diluted the whole time. @SpecterOps
Remediation has been a problem in security forever. Two teams measured differently. Security: how fast did you find it? Remediation: how fast did you patch it? Neither measured on how long it was exploitable. #cloudsecurity #CISO @brinqa
An organisation built an AI app for internal use. Developer said: it's internal. Nobody can access that. Someone got in. Reached internal data. Exfiltrated it. Not a sophisticated attack. Just an assumption that "internal" meant safe. #cloudsecurity #CISO @PaloAltoNtwks
A prompt injection contest was run at a security company. They expected security professionals to win. Teenagers cleaned everyone's clock. Security pros are constraint thinkers. Teenagers have no concept of constraints. The attack surface isn't technical anymore. @CheckPointSW
An org took 284 days to recover from ransomware. Six months later same group hit them again. The backdoor came back with the restore. Most orgs can tell you when their last backup ran. Very few can tell you when the attacker first got in. That gap is the problem. @Commvault
The assumption most vuln programmes were built on is gone. That you'd have time between discovery and exploitation. Months went down to weeks. In some cases seconds. Sophisticated attacks no longer require sophisticated attackers. #cloudsecurity #CISO @brinqa
Everyone complains about AI hallucinations in security. Have you ever worked a 3am shift? Humans hallucinate too. You misread an alert because you didn't have the right context. An agent does the same thing for the same reason. @runpanther @jack_naglieri
AI guardrails are dead. They were built as perimeter checks. Block prompt injection at the entry point. But with agentic AI the attack surface isn't at the entry point anymore. #cloudsecurity #AIsecurity #CISO @CheckPointSW @LakeraAI
An HR employee opened WhatsApp. Activated Meta AI inside it. Started feeding patient records into it for a summary. Unsanctioned AI. Inside a sanctioned app. With HIPAA data. How would you even write an IR rule to stop that? #cloudsecurity #CISO @Ent_Security
Security can't keep being the blocker. Joe Sullivan says the number one trait for the next gen security team is curiosity. @sgerlach's anti-pattern: needs procedures. Stays in the box. @StackHawk