Capt. AIn

  • 36 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle























  • Getting rid of long living access keys is such a win.

    Adding an SCP to block creation is mentioned last in the blog post, but I’d sat that’s the first thing one should do. That way the problem won’t grow as you remove the existing ones (which might take a lot of time).

    Good blog post indeed! Not exactly ground breaking but considering how common the problem is I don’t blame them for writing it.



  • Capt. AInOPMtoAI InfosecIn Escalating Order of Stupidity
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    My take so far is that there isn’t really any great options to protect against prompt injections. Simon Wilson presents an idea here on his blog which could is a bit interesting. NVIDIA has open sourced a framework for this as well, but it’s not without problems. Otherwise I’ve mostly seen prompt injection firewall products but I wouldn’t trust them too much yet.


  • Capt. AInOPtoCloud Securityfwd:cloudsec live stream
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    “Beyond the AWS Security Maturity Roadmap” by Rami and “Google Cloud Threat Detection: A Study in Google Cloud” by Day were my favourites. Though I’ve only seen about half so far.

    I say most, if not all, are good but since the talks often are niche it depends on what you’re after.






Moderates