we45
@we45
Followers
1K
Following
2K
Media
513
Statuses
3K
We are your partners in product security. Creators of @appsecengineer and @orchestronio. AppSec Training | Cloud & Kubernetes | Threat Modeling | DevSecOps
United States
Joined November 2009
Worth watching if Claude Code is used in your environment. Permissions, sandboxes, MCP tools, and threat modeling — all explained clearly. 👉
Claude Code is powerful — but only if it’s secured properly. @abhaybhargav breaks down permissions, sandboxing, MCP tools, and how to threat model @claudeai Code and the Claude Agent SDK. If AI writes and runs code, it needs a security model. https://t.co/ZbPcB6o9aT
0
0
0
As multi-cloud adoption grows, so do its challenges. From AWS to GCP to Azure, organizations are juggling unique implementations while trying to maintain robust security. Sound familiar? Here’s the good news: a centralized and simplified approach works best.
0
0
0
Thank you to the @SANSInstitute for the recognition and to every single person who voted for us. This win motivates us even more to keep building, improving, and pushing the boundaries of application security. Let’s keep going! 💪
The Innovation of the Year Award goes to the individual or team who uses unique approaches to succeed through innovation and risk-taking and/or creating an open-source tool of significant value. This year's Community Winners are the team for @secreview_ai! Congratulations! 👏
1
2
3
Cybercriminals love weak links in your supply chain. A single compromised vendor can put your entire business at risk. That’s why a proactive approach to supply chain security isn’t optional, it’s essential. Is your security team assessing these risks?
0
0
0
Wishing you a Diwali filled with light, laughter, and new beginnings. Here’s to brighter ideas, stronger teams, and endless inspiration. ✨
0
0
0
To the heroes who won our freedom and the heroes who protect it today, we salute you. 🇮🇳
0
0
1
Prevention. Automation. Collaboration. Burnout happens when security is reactive. Flip the script, and you’ll start seeing progress.
0
0
0
4️⃣ Get leadership buy-in. Talk in terms of impact, numbers, and compliance. Yes, you’re selling security. But leadership needs to understand it to support you.
1
0
0
3️⃣ Make security a shared responsibility. Start threat- and risk-based conversations with product teams. Facilitate and empower—don’t just dictate.
1
0
0
2️⃣ Automate security in the SDLC. Strategic automation is key. Go further with custom SAST/DAST rules tailored to your product.
1
0
0
1️⃣ Invest in training. Sounds obvious, right? Yet it’s often sidelined. Continuous, high-quality training stops bad things before they happen downstream.
1
0
0
Burned-out security teams can’t fix growing backlogs. Here’s how to flip the script, get ahead, and actually prevent security problems. 🧵
1
0
1
No One Knows Where to Start You want DevSecOps. But where’s the roadmap? Without a clear game plan, even the best intentions fall flat.
1
0
0
Siloed Teams, Siloed Mindsets Developers avoid security. Security works in isolation. Everyone points fingers when it breaks.
1
0
0
Your Toolchain Is a Mess Too many tools. None of them are talking to each other. You can’t secure what you can’t see.
1
0
0
Your Budget’s Choking Your Strategy Trying to scale security with tight budgets? Cutting corners now = bigger breaches (and costs) later.
1
0
0
Legacy Systems Are Dragging You Down Outdated tools + manual workflows = a DevSecOps nightmare. They weren’t built for automation or CI/CD and they’re holding you back.
1
0
0