סוגר airbnb בצידון לחג לפני שזה עובר לשקלים. .

RT @TheBabylonBee: Hamas Says All The AK-47s Found In Gaza Hospital Were Strictly For Medicinal Use .

What do you want to know?.

RT @harnevo: Yesterday's night i posted a video about the horrific genocide Israel experienced on Oct. 7th. The video was removed from Twi….

RT @mfg: I'm a Jew in NYC and I made friends with a Palestinian in Gaza this week. Using @Snap Maps I was able to build a personal connecti….

Brilliant!.

𝐓𝐡𝐞 𝐑𝐨𝐛𝐨𝐭𝐬 𝐚𝐫𝐞 𝐂𝐨𝐦𝐢𝐧𝐠. ? (𝐎𝐫 𝐖𝐡𝐚𝐭 𝐀𝐮𝐭𝐨𝐆𝐏𝐓 𝐓𝐚𝐮𝐠𝐡𝐭 𝐌𝐞 𝐒𝐨 𝐅𝐚𝐫. ). So let me start by saying, you're jobs are safe. For this week. I can't make any guarantees about next week. I've spent quite a bit of time (and…

A friend recently asked me what matters when it come to API security. I think what she meant was, "great, this is another thing I need to care about. what do I need to learn so I can stay on top if it?". I've boiled my answer down to five key things you…

The single most important aspect of API security is maintaining a detailed inventory of all API endpoints and making sure you monitor changes on an ongoing basis. That's a very opinionated statement, and I don't think it will necessarily be that way fore…

This is a great article. I wanted to write something like this and could not have done nearly as good a job, some I'm just sharing this one. Bottom line: .1. Security people should stop acting like they know so much about finances and startup banking. 2.…

In honor of international women's day, let me take a moment to thank all the badass women engineers I've had the privilege of working with, and for, over the past 25 years. Diversity in development teams is often a huge driver of innovation, and I especia…

ChatGPT has a problem no one is talking about. I've played with it way too much. I've even used it for work, and for solving kids homework problems. I've use it to plan a trip. I've used it to write content. I've made it write code for me.

Feature I want in my next refrigerator: a secret compartment where I can hide all the things I don't want the kids to eat.

𝘊𝘢𝘯 𝘺𝘰𝘶 𝘢𝘤𝘵𝘶𝘢𝘭𝘭𝘺 𝘥𝘰 𝘢𝘨𝘦𝘯𝘵𝘭𝘦𝘴𝘴 𝘢𝘱𝘱 𝘢𝘯𝘥 𝘈𝘗𝘐 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺?. We all know the limitations of agentless solutions. They sit outside the application, using whatever telemetry they can get access to in order to figure out if…

API security is still low priority, and it's our fault. Security people like me live in a bubble. We spend our time at security conferences, reading security blogs, discussing security news, and talking to other security partners and customers. When y…

H̳o̳w̳ ̳t̳o̳ ̳g̳e̳t̳ ̳s̳t̳a̳r̳t̳e̳d̳ ̳w̳i̳t̳h̳ ̳A̳P̳I̳ ̳s̳e̳c̳u̳r̳i̳t̳y̳. Here’s my simplified 3-step plan to API security. As with all such simplified marketing click-bait videos, the world is obviously more complicated than I’m going to make it sound.…

What happens to AppSec when moving to an API environment?. One of the things that I observed when trying to understand the difference between doing application security and API security, is that we're often pushing business logic out to the client. This…

𝐓𝐡𝐞 𝐩𝐫𝐨𝐛𝐥𝐞𝐦 𝐰𝐢𝐭𝐡 𝐜𝐮𝐫𝐫𝐞𝐧𝐭 "𝐚𝐠𝐞𝐧𝐭𝐥𝐞𝐬𝐬" 𝐀𝐏𝐈 𝐒𝐞𝐜 𝐬𝐨𝐥𝐮𝐭𝐢𝐨𝐧𝐬. The API security world has been through a lot in its short lifespan. Starting out heavily based on proxies and agents, it has made a drastic, almost knee-…

𝐀𝐏𝐈𝐬 𝐚𝐫𝐞 𝐠𝐨𝐨𝐝 𝐟𝐨𝐫 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲. I talk a lot about the need to think very seriously about API security, and the transitions companies need to do from traditional AppSec. And these things are very true. However, at the end of the day,…

Why is API Security a thing? . Why isn’t it just an AppSec problem, that I can solve with my AppSec tools, like a WAF?. This is a common question I hear, and when you try to answer it thoughtfully, it turns out to be a pretty good question. One way to u…

𝐒𝐡𝐚𝐝𝐨𝐰 𝐚𝐧𝐝 𝐳𝐨𝐦𝐛𝐢𝐞 𝐀𝐏𝐈𝐬 𝐚𝐧𝐝 𝐰𝐡𝐚𝐭 𝐭𝐡𝐞𝐲 𝐦𝐞𝐚𝐧 𝐭𝐨 𝐲𝐨𝐮𝐫 𝐚𝐩𝐩 . Most security terminology is a bunch of unintelligible three and four letter acronyms, like CSPM, SOC, and IoCs. Most of these just lead to confusions and…