machine learning
Provisioning cloud infrastructure the wrong way, but faster
By Artem Dinaburg Today we’re going to provision some cloud infrastructure the Max Power way: by combining automation with unchecked AI output. Unfortunately, this method produces cloud infrastructure code that 1) works ...
How to Maximize Network Security With AI and ML
There is an increased focus on how advances in artificial intelligence (AI) and machine learning (ML) can negatively impact network security ...
Trail of Bits’ Buttercup heads to DARPA’s AIxCC
With DARPA’s AI Cyber Challenge (AIxCC) semifinal starting today at DEF CON 2024, we want to introduce Buttercup, our AIxCC submission. Buttercup is a Cyber Reasoning System (CRS) that combines conventional cybersecurity ...
Why SaaS Identity Abuse is This Year’s Ransomware
By Adam Koblentz Ransomware targeting endpoints and on-premises IT infrastructure has been a primary battleground for enterprise security teams in recent years. One of the highest-profile threat actor groups in this space ...
Snowflake and the Continuing Identity Threat Detection Gap Across SaaS and Cloud
By Adam Koblentz In recent weeks, a new wide-scale identity security incident has been unfolding that is refocusing the spotlight on important questions such as: Why are account takeover, credential misuse, and ...
Watch: “Behavior Doesn’t Lie:” The Power of ML for Identity Threat Detection and Response
Traditional security controls like MFA and PAM are bypassed easily by threat actors on a regular basis. Threat actors prefer breaking into organizations using legitimate credentials so they can achieve their goals ...
Securing Hugging Face Workloads on Kubernetes
In the rapidly evolving landscape of artificial intelligence (AI) and Large Language Models, the risk associated with implementing Generative AI […] ...
Auditing the Ask Astro LLM Q&A app
Today, we present the second of our open-source AI security audits: a look at security issues we found in an open-source retrieval augmented generation (RAG) application that could lead to chatbot output ...
Why SaaS Identity Abuse is This Year’s Ransomware
Let’s explore some of the details behind this escalating threat to SaaS applications, what may be driving it, and what you can do to better protect your SaaS footprint from these types ...
The Impending Identity Crisis Of Machines: Why We Need To Secure All Non-Human Identities, From Genai To Microservices And IOT
The digital landscape is no longer solely populated by human actors. Lurking beneath the surface is a silent legion – non-human or machine identities . These non-human identities encompass computers, mobile devices, ...
