Sign in Subscribe

Curtis Collicutt

Memory Safe Languages: Does Just Bossing around Developers Work (From a Security Perspective?)

One of the smartest computer security people around (not me) asks if we can just keep piling work on developers, including things like rewriting everything in memory-safe languages.

A Look at NIST 800-204D: Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines

At this point, the name Solarwinds has become almost synonymous with the idea of a Software Supply Chain (SSC) attack. And now, a few years after this particular attack, we have some recommendations from NIST on how to secure the systems that build and update software products.

Cyber Deterrence

We've long been under the global spectre of MAD, mutually assured destruction, but that's only one model of deterrence. We also need to examine what deterrence means in the context of cybersecurity.

Transformational Versus Transactional Leadership

John McMahon, a five time Chief Revenue Officer, talks about how helping people to grow is a sign of true leadership.

In Linux Everything Is a File. In Threat Detection, Everything Is a Stream.

To detect threats, we need to look at all the events that occur across our infrastructure. The open-source Falco project has historically looked at system calls but can also analyze any streaming log file, such as those provided by cloud and SaaS platforms.

Writing Shell Commands in Natural Language

With GenAI, we can communicate with computers in natural language, and get them to do highly technical things just by asking. The Shelly tool is an example of how we can use OpenAI to create shell commands using natural language.

Is "Good Taste" Valuable in Technology?

As we continue to improve our use of computers—how we work with them, how we write code, how we remove the tension between the "social" and the "technical"—we will find that we have more opportunities to use our good taste, to build on it, and to create something wonderful.

Cybersecurity, Safety Barriers, and Secure by Default

Rarely are systems secure out of the box; in fact, quite the opposite, most of the time we turn off every possible security feature or setting in the desire for expediency.

What is Huggingface?

Open-source large language models are powerful and plentiful. The rapid pace of their development makes them difficult to discover. Where can we get hold of them, and how can AI practitioners share their work?

Mark Weiser: The World Is Not a Desktop

Mark Weiser argues that computers should be like childhood memories and therefore be designed to be forgotten, yet easily recalled when needed. In his paper, he advocates for computers to be as invisible as any other good tool; that we don't need virtual reality, intelligent agents, or multimedia.