Thoughts on AI, security, LLMs, and more.
The industry wants a self-driving SOC, but past tickets and analyst dispositions teach models queue behavior, not attacker truth. Autonomous purple teaming is the missing crash-test infrastructure: controlled, repeatable experiments that validate detections and generate the environment-specific evidence security models need.
Read post →AI does not fail symmetrically. Hallucinations, indeterminism, and overconfident errors help offense first. Defenders only win when models are embedded in systems that are grounded, bounded, and reversible.
Read post →Anthropic says its new model can autonomously find and weaponize zero-days across major software. If that claim broadly holds up, the real story is that exploit development may be becoming cheap, autonomous, and accessible faster than defenders can adapt.
Read post →Most security teams still defend in shifts while attackers now operate in continuous loops at machine speed. The answer is not panic, but architecture, identity governance, automation, and workflows built for continuity.
Read post →AI has compressed the cost of building software and the cost of copying it. The durable edge is no longer just code quality, but how fast an organization can ship, learn, and adapt on top of the right architecture.
Read post →As anyone in tech, I constantly get bombarded with countless papers, links, and resources to read. I dedicate Fridays to tackling this "technical debt" by reading through as much as possible.
Read post →This paper is one of the important foundational papers from OpenAI, published in 2020. GPT-3 demonstrates that LLMs pretrained with large volume of data can learn very quickly with few examples, possibly cutting the need for fine-tuning.
Read post →This is a recent paper from Google Research and DeepMind that introduces Med-PaLM, a Large Language Model tailored to answer questions about the clinical (medical) domain, achieving SOTA results on various domain specific datasets.
Read post →You probably heard the buzz around "metaverse". Regardless of which side of the argument you are in, in this article, I discuss metaverse security — from infrastructure to identity to data privacy.
Read post →This paper proposes a methodology to use side channel information (electromagnetic signals) to identify malware activity, type, and identity, even in the presence of obfuscation. A paper from ACSAC 2021.
Read post →Risk management is a fundamental part of Cloud Service Management. This post explains how an AI-based approach can standardize different domains to quantify risk using NLP, applied in IBM Cloud Pak for Multicloud Management.
Read post →A disclosure: I am not an avid blogger, however, I do read and write quite a lot and always willing to become an avid blogger.
Read post →