hacking, bug bounty, appsec

Scaling Threat Modeling with AI: Generating 1000 Threat Models Using Gemini 2.0 and AI Security Analyzer


An in-depth look at how I leveraged Gemini 2.0 to create a massive security documentation repository, complete with practical examples and lessons learned.

AI Security Analyzer - All-in-One Tool Preview


Preview of the AI Security Analyzer - a new tool that leverages AI to automatically generate comprehensive security design documentation for your projects.

Automating GitHub Workflows with Fabric Agent Action


Introducing the Fabric Agent Action - a GitHub Action that automates complex workflows using AI-powered agents and Fabric Patterns.

Create design documents with Fabric


How I use Fabric patterns to create, review and refine design documents.

Threat Modelling with Fabric Framework


The Fabric framework enhances AI-powered threat modeling with a new pattern, offering detailed, actionable security insights.

Leveraging LLMs for Threat Modeling - Claude 3 Opus vs GPT-4


With a new version of the Claude model, I would like to compare it to GPT-4 in threat modeling.

Reviewing Your Architecture Using LLMs


The quality of input data is crucial for LLMs to perform effectively. Learn how you can use these LLMs to improve your architectural descriptions. Explore the new feature in my ai-threat-modeling-action GitHub action.

Leveraging LLMs for Threat Modeling - GPT-3.5 vs Claude 2 vs GPT-4


We put the leading AI models to the test in threat modeling. Let's dive into the results and see which one comes out on top.

Leveraging LLMs for Threat Modeling - GPT-3.5


In this article, I delve into the AI Nutrition-Pro experiment, a research project exploring the potential of LLMs in enhancing security practices during the design phase of DevSecOps: threat modeling and security review.

Mitigating SSRF vulnerabilities in Go. A practical guide. Part 2


In this final part of the mitigation guide, we will explore the doyensec/safeurl library for Go.