<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Offended Security</title>
    <description>Because security just isn&#39;t offensive enough</description>
    
    <link>https://www.offendedsecurity.net/</link>
    <atom:link href="https://rss.beehiiv.com/feeds/LR0TG09cy1.xml" rel="self"/>
    
    <lastBuildDate>Wed, 1 Jul 2026 03:39:30 +0000</lastBuildDate>
    <pubDate>Wed, 01 Jul 2026 00:53:52 +0000</pubDate>
    <atom:published>2026-07-01T00:53:52Z</atom:published>
    <atom:updated>2026-07-01T03:39:30Z</atom:updated>
    
      <category>Artificial Intelligence</category>
      <category>Cybersecurity</category>
      <category>Technology</category>
    <copyright>Copyright 2026, Offended Security</copyright>
    
    <image>
      <url>https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/publication/logo/e40869ad-e8ef-4b50-82cb-48beffe4b820/24a2e635-63e9-457d-8b43-d4672f151886.png</url>
      <title>Offended Security</title>
      <link>https://www.offendedsecurity.net/</link>
    </image>
    
    <docs>https://www.rssboard.org/rss-specification</docs>
    <generator>beehiiv</generator>
    <language>en-us</language>
    <webMaster>support@beehiiv.com (Beehiiv Support)</webMaster>

      <item>
  <title>Skepticism is not a strategy, despair is not doing something</title>
  <description>or how I learnt to stop worrying and be in the room</description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/cee894d2-4cc6-4381-b77d-c12a0e52ee49/camus.png" length="7905711" type="image/png"/>
  <link>https://www.offendedsecurity.net/p/skepticism-is-not-a-strategy</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/skepticism-is-not-a-strategy</guid>
  <pubDate>Wed, 01 Jul 2026 00:53:52 +0000</pubDate>
  <atom:published>2026-07-01T00:53:52Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[Ai]]></category>
    <category><![CDATA[Philosophy]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;">Working in security is a commitment to a career of cognitive dissonance. Our work requires (more like <b>demands</b>) healthy skepticism. Yet we somehow find ourselves coming to work each day. We know about all the proverbial skeletons in the closet of services, devices and apps and all the myriad ways in which they could go wrong and yet we have committed ourselves to fixing it. A curious skeptical nature mixed with a bizarre desire to do good will get you very far in security. </p><p class="paragraph" style="text-align:left;">It might also be your undoing. The same instinct that makes you good at this job, assuming everything will break, can quietly become the reason you refuse to engage when something new shows up.</p><h2 class="heading" style="text-align:left;" id="epistemic-and-defensive-skepticism">Epistemic and defensive skepticism</h2><p class="paragraph" style="text-align:left;">Skepticism is an interesting concept philosophically. It can present as both a defence mechanism and an epistemic (meaning a means of seeking knowledge) virtue and separating between which brand you have requires self examination. A fair distinguishing feature between epistemic and defensive skepticism is the direction in which it faces. An epistemic skeptic is equally skeptical of all things, seeks balance between belief and evidence and withholds or caveats judgement under uncertainty. This framework is applied uniformly to both internal and external ideas or values. Whereas a defensive skeptic typically applies this framework only to that which threatens existing beliefs or could introduce emotional risk. This leaves uncomfortable assumptions unexamined and is arguably just a form of intellectualisation rather than a legitimate desire to be more critically minded.</p><p class="paragraph" style="text-align:left;"><b><i>Are you fairly applying your skepticism to AI?</i></b></p><h2 class="heading" style="text-align:left;" id="defensive-skepticism-in-practice">Defensive skepticism in practice</h2><p class="paragraph" style="text-align:left;">It’s likely you’ve experienced this before, perhaps it’s something you might upon reflection notice in yourself. Refusing to evaluate or approve AI tooling because “it represents too great a risk”, yet not choosing to understand it. Being critical of those that use AI as part of their workflow, not because their approach is flawed, but because they have an approach at all. Or perhaps you’ve seen the perpetual sandman. Not reading, not testing, not forming an opinion and treating that absence as a position. These all seem like unique and perhaps understandable responses but they all produce the same outcome: you’re not in the room when it matters.</p><h2 class="heading" style="text-align:left;" id="the-price-of-being-defensive">The price of being defensive</h2><p class="paragraph" style="text-align:left;">Absence is not a defence nor is refusal. AI adoption is something that will happen, LLMs do not need to be <i>correct</i> to be successful. They just need to be close enough. Your developers are going to use AI, your HR staff are going to use AI and your executives are going to push AI. In security we frequently talk about <b>Known Knowns, Known Unknowns and Unknown Unknowns</b>. Usually it’s the unknowns that keep us awake at night. But here’s an unknown worth losing sleep over: In every room you’re absent from you’ve left an empty chair. That chair was your chance to help make decisions about how AI gets adopted, what guardrails should exist, what data should flow where. Those decisions are getting made right now, by those that show up. You’re on the back foot, responding not guiding, flailing not leading.</p><h2 class="heading" style="text-align:left;" id="philosophy-meets-practicality">Philosophy meets practicality</h2><p class="paragraph" style="text-align:left;">Question. Why do you patch vulnerabilities? There are a lot of answers to this question, and the majority of them are correct. Consider for a moment, if you will, the futility of the practice. Do vulnerabilities ever stop? You don’t refuse to patch a vulnerability simply because there will be more. When we must, we simply do. Yet somehow this logic doesn&#39;t survive contact with AI. What you&#39;re doing every time you patch is <a class="link" href="https://www.britannica.com/topic/The-Myth-of-Sisyphus?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=skepticism-is-not-a-strategy-despair-is-not-doing-something" target="_blank" rel="noopener noreferrer nofollow">what Camus described</a>. You push the boulder knowing it rolls back. You don&#39;t stop because it&#39;s futile, you find meaning in the effort. Camus concluded this wasn&#39;t despair, it was engagement in spite of the absurdity. &quot;One must imagine Sisyphus happy.&quot; </p><p class="paragraph" style="text-align:left;">So why is AI the boulder you&#39;ve decided to sit down in front of?</p><h2 class="heading" style="text-align:left;" id="being-in-the-room">Being in the room</h2><p class="paragraph" style="text-align:left;">So where does all this leave us? The answer is clear, <b>you need to be in the room</b>. You need to be an active part of the decision making process. This does not mean you’re a cheerleader. You don’t have to be “pro-ai”. Rather you should let the very skepticism that is excluding you become a virtue. This means your solution to AI in your organisation cannot simply <b>be no.</b> </p><p class="paragraph" style="text-align:left;"></p><p class="paragraph" style="text-align:left;"></p></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=a7250ca0-4234-49f7-a9c9-a2a87c317f80&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

      <item>
  <title>Are we post-CTF or is it simply time to rethink?</title>
  <description>A retrospective on the CrikeyCon 11 CTF </description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/f6b9779f-7d15-4e69-aded-4e23649078b3/hero-banner.png" length="3260135" type="image/png"/>
  <link>https://www.offendedsecurity.net/p/post-ctf-world</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/post-ctf-world</guid>
  <pubDate>Mon, 23 Mar 2026 06:36:40 +0000</pubDate>
  <atom:published>2026-03-23T06:36:40Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[Ai]]></category>
    <category><![CDATA[Ctf]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;">I&#39;ve had the privilege of working on some amazing CTFs (Capture the Flags) in my career. From building internal ones, to delivering them for companies at cons or being part of the team running them at community events. Making challenges and seeing people learn from them is something that brings me great joy. There is a pretty insane amount of effort that goes into a good CTF. Coming up with challenges, spinning up reliable infrastructure for hundreds or thousands of people to use and wrangling a bunch of volunteers takes patience and perseverance and hundreds of hours usually crunched into a few weeks/days/hours prior to the event.</p><p class="paragraph" style="text-align:left;">CrikeyCon 11 was no exception. We had big dreams about starting earlier but soon found ourselves working right up to the bell (even pushing challenges during the event). In a lot of ways I probably wouldn&#39;t change a thing about that, pressure makes diamonds.</p><p class="paragraph" style="text-align:left;">As usual I want to thank the challenge writers (you guys rock) and my fellow organisers and volunteers (you know who you are). Your continued dedication and hard work is so impressive and something you should be proud of.</p><p class="paragraph" style="text-align:left;">Without further ado, here is my retrospective for the CrikeyCon 11 CTF.</p><h2 class="heading" style="text-align:left;" id="the-ailephant-in-the-room">The ai-lephant in the room</h2><p class="paragraph" style="text-align:left;">For those that didn&#39;t attend CrikeyCon this year or attend the closing ceremony (where were you!?) you missed what could be considered a reasonably large disruption within the CTF space: AI. Now to most CTF attendees or organisers this isn&#39;t a surprise: AI is pretty well equipped to aid competitors. This year however, it definitely exceeded just aiding. We had our first competitor to simply authenticate Claude Code with their CTFd cookies and prompt it to complete the CTF. There was a lot more to it and I won&#39;t steal that competitor&#39;s thunder and will share/link them once they have written it up for themselves. For clarification we (the organisers of the CTF) were aware of this and largely saw it as a reasonable experiment. The surprising (or perhaps unsurprising to me) outcome was that this <b>competitor won</b>. The winning competitor gracefully passed on their first prize to the non-agentic winner. The agent basically flattened our CTF completing 79 out of 80ish challenges including access control challenges but excluding lock-picking challenges.</p><p class="paragraph" style="text-align:left;">As with any disruptive technology there are different schools of thought as to what this means and I want to capture some of them for posterity.</p><h3 class="heading" style="text-align:left;" id="ct-fs-are-dead">CTFs are dead</h3><p class="paragraph" style="text-align:left;">This was probably the most common reaction from challenge writers. Writing unique challenges is hard and there is an expectation that people will put effort in to solving them. It&#39;s a natural reaction, one of the greatest rewards from writing a challenge is when you absolutely nail it. Nailing a challenge has a few different forms:</p><ul><li><p class="paragraph" style="text-align:left;">You make a challenge that gets solved by 1 team</p></li><li><p class="paragraph" style="text-align:left;">You make a challenge that fits its category and difficulty rating perfectly</p></li><li><p class="paragraph" style="text-align:left;">You make a challenge that is unique and quirky and absolutely frustrates the hell out of a team/player</p></li></ul><p class="paragraph" style="text-align:left;">All of these are what I personally consider success when writing a challenge. Sometimes your challenges are meant to be solved (especially 101 challenges), sometimes they aren&#39;t meant to be solved and sometimes you just really want the winning team to beg you for the answer.</p><p class="paragraph" style="text-align:left;">The outcome on Saturday takes away all of these rewards. If your challenge can be solved by AI then every team has access to it, therefore point 1 doesn&#39;t apply. Point 2: the category and difficulty doesn&#39;t matter. And point 3? Well, Claude doesn&#39;t complain. This leaves less incentive for challenge authors to create challenges which then leaves the CTF scene less vibrant and interesting.</p><h3 class="heading" style="text-align:left;" id="ct-fs-are-going-to-have-to-change-b">CTFs are going to have to change but I am not quite sure how</h3><p class="paragraph" style="text-align:left;">The other reaction was: hmmm, what do we do? I call this the <i>what&#39;s next</i> reaction. Essentially these people acknowledge the coolness of the technology and are also not sure how we can incorporate it. I think this is probably the second most popular viewpoint. They see that there is a future but aren&#39;t quite sure about how we get there. In some cases there is a feeling of not wanting to own the future. This is something I saw in some CTF players and challenge writers as well.</p><h3 class="heading" style="text-align:left;" id="wow-this-is-cool-wow-this-is-scary">Wow this is cool / Wow this is scary</h3><p class="paragraph" style="text-align:left;">Pretty self-explanatory. Most people fall into this category. They are either excited or afraid. Either one is a perfectly natural response. I have a post I am cooking up about this topic so I won&#39;t spend too much time on it.</p><h2 class="heading" style="text-align:left;" id="so-what-does-the-future-of-ctf-look">So what does the future of CTF look like?</h2><p class="paragraph" style="text-align:left;">These are just my thoughts so take them with a grain of salt.</p><h3 class="heading" style="text-align:left;" id="we-probably-need-two-streams-of-ctf">We probably need two streams of CTF: a classic CTF and an agentic centric CTF</h3><p class="paragraph" style="text-align:left;">The traditional CTF still has a place and I think it should continue. The reason I say this is that the core benefit for participants (aside from Lego and bragging rights) is learning. We have a responsibility to learners as CTF writers to keep giving them a place to play and learn. That being said we will probably have to begin to take a harder line towards AI within these competitions and rethink our challenges a little bit.</p><p class="paragraph" style="text-align:left;">During the CTF we offered prizes to people that would come up and admit/show us that they were using AI. We had at one point a line of 12 people waiting to show us laptops open with ChatGPT and Claude windows on display. AI is inescapable so we need to think about how we can account for that. This is going to take time and creativity.</p><p class="paragraph" style="text-align:left;">The second stream is an agentic centric stream. I have some thoughts about what this might look like.</p><h3 class="heading" style="text-align:left;" id="agent-jungle-gym">Agent jungle gym</h3><p class="paragraph" style="text-align:left;">It has long been a desire of myself and other CrikeyCon peeps to bring back a form of the Red vs Blue CTF challenge. These are dynamic attack and defence challenges that more closely imitate the way in which attackers and defenders work in a network. I think the outcome of this weekend just past justifies that. I&#39;ve sketched out something I like to call the jungle gym. It&#39;s a hybrid between red vs blue and a king of the hill challenge with a bit of a twist: agents only, or a combination of agents and humans.</p><p class="paragraph" style="text-align:left;">Essentially there are three rounds. At the beginning of each round you get to submit your agent/agents. That agent is presented with a series of boxes they are tasked with protecting and a series of boxes they are tasked with attacking. The boxes they are protecting have services and flags that must remain available; this is a prerequisite to score offensive points. Points are awarded for keeping your services available and taking down other teams&#39; services. Each round is a novel environment and in between rounds competitors get to work on their agentic approaches before the next one starts.</p><div class="image"><img alt="" class="image__image" style="" src="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/a97e8a64-d542-4097-bb8e-d3457098fade/image.png?t=1774247683"/></div><p class="paragraph" style="text-align:left;">This creates an interesting and dynamic environment for players and observers and also removes the inherent edge of AI. I am also exploring how to showcase what the agents are doing, and as to if it should be run by a form of AI dungeon master that handles injects. It would also be interesting to see if a team for example decided to not use AI and compare their placing to others. This is still early stages and we are a fair way out from it. My soft goal is to run an online version of this sometime in the later half of this year. If you&#39;re interested in taking part reach out to me, I will be writing and sharing more about this soon.</p><p class="paragraph" style="text-align:left;">I will also be seeking sponsors to help pay for tokens as well so that there isn&#39;t a financial barrier to participation. If you&#39;ve got someone that can help with that please point them in my direction.</p><h3 class="heading" style="text-align:left;" id="ai-has-benefits-for-challenge-creat">AI has benefits for challenge creators</h3><p class="paragraph" style="text-align:left;">Writing challenges is time consuming. There are a lot of ways that we as challenge creators can use agents to improve this process.</p><p class="paragraph" style="text-align:left;">I experimented a fair bit with agents this year and have the following observations:</p><h4 class="heading" style="text-align:left;" id="agents-make-much-better-uiux-than-w">Agents make much better UI/UX than we would normally, especially in web challenges</h4><p class="paragraph" style="text-align:left;">UI/UX historically hasn&#39;t been part of the challenge space. A lot of people that write challenges are not actively incentivised to provide a good UI for something that will be used for one day. Agents change this a bit. Having an LLM create a functioning user interface that goes over the top of your web challenge can be extremely powerful. This allows for much better visual storytelling and theming as well. We had some genuinely unique and interesting challenges that were greatly enhanced by the interface we could put on top of them.</p><h4 class="heading" style="text-align:left;" id="agents-can-add-dynamism-to-challeng">Agents can add dynamism to challenges</h4><p class="paragraph" style="text-align:left;">Last year I experimented with agentic challenges by creating an IRC server that was populated with LLMs. Each LLM had different levels of protection from prompt injection and had a flag they needed to protect. This year we initially didn&#39;t have any LLM challenges, but during the day I set myself a challenge to use an agent to build an agentic challenge and push it live before the day ended.</p><p class="paragraph" style="text-align:left;">The result was a challenge called slop-machine. Essentially, you pulled the lever and you got a random challenge displayed within an iFrame on the page. This challenge was live vibe-coded by an LLM (qwen3.5-35b-a3b, an open-source model) immediately after you pulled the lever and presented to you without a human reviewing it. Topics for challenges were mostlyweb and crypto, obviously limited by the implementation. There was an element of luck to the challenge in that you had a much greater chance of being presented with a challenge you literally could not solve (either because the LLM just borked it or the answer was wrong).</p><p class="paragraph" style="text-align:left;">It was interesting to watch. Some people came up and asked why it was so easy, while I watched others pull and pull the lever getting perpetually wrong challenges. It&#39;s fun watching the non-deterministic nature of LLMs play out in real time. Dynamic interaction is a really powerful means of making an engaging and interesting challenge and I&#39;ve got a lot more ideas that I will be bringing to future CTFs.</p><h4 class="heading" style="text-align:left;" id="agents-are-generally-pretty-capable">Agents are generally pretty capable of handling your 101 challenges</h4><p class="paragraph" style="text-align:left;">101 challenges are a must for any CTF, especially for Crikey. A lot of attendees are students or people new to the industry. These challenges are all very similar each year but still need to be slightly different and fit the yearly theme. These make up a reasonable portion of challenges each year and are still time consuming. Agents are great at making these (with a bit of prodding). So if you&#39;re building 101 challenges, agents are your friend. Avoid trying to one-shot multiple at the same time. I tried a mix of both and the one-shot multiple challenges were extremely unreliable. Use planning mode and be clear about what you want.</p><h4 class="heading" style="text-align:left;" id="agents-are-better-at-solving-challe">Agents are better at solving challenges than writing them</h4><p class="paragraph" style="text-align:left;">In a similar vein, agents are much better at solving challenges currently than writing them. Agentic output is inherently derivative; it&#39;s noisy enough to be interesting but not yet truly novel. Challenge writing requires novel thinking and current context that LLMs lack. Humans currently are still the best people to write difficult and interesting challenges. I would recommend avoiding using agents for anything beyond the easiest challenges, agent centric challenges, UI/UX, dynamic testing and writing IaC for infrastructure at the moment.</p><p class="paragraph" style="text-align:left;">Alright, enough AI.</p><h2 class="heading" style="text-align:left;" id="what-we-did-right">What we did right</h2><h3 class="heading" style="text-align:left;" id="created-a-great-vibe-within-the-ctf">Created a great vibe within the CTF room</h3><p class="paragraph" style="text-align:left;">CTFs should be social and communication/community reliance are super important skills. Participants are choosing to give up a lot of the benefits of a con by taking part so we want to try to bring them that experience. This year (thanks to our awesome community and sponsors) we had a bunch of prizes. This allowed us to come up with some interesting means of giving out prizes. Aside from the AI confessional we also had a rap battle. We offered 1000 points to the winner of the battle, giving them 45 minutes to come up with a unique rap. This was entirely off the cuff and honestly we did not expect the uptake; something like 8 teams came up and competed. We ended up having a tie for first and gave each team another 15 minutes to come up with some lines for a rap battle.</p><p class="paragraph" style="text-align:left;">The finalist teams were both university cybersecurity societies. It was awesome to see the next generation of cybersecurity being so willing to get up in front of the community and have fun. I think that says a lot about the unique community we have in our industry and it&#39;s something I and the other organisers want to bring to future cons.</p><h3 class="heading" style="text-align:left;" id="improved-infrastructure-maturity">Improved infrastructure maturity</h3><p class="paragraph" style="text-align:left;">Last year we had a largely click-ops based approach to deploying our CTF infrastructure and I spent days making sure everything was working. This year was entirely different. Underlying infrastructure was handled by Terraform, scheduling services was handled by Nomad and challenge definition files were subject to linting and CI/CD. This wasn&#39;t perfect; we had a few little blips where we had to scale up the instances larger than we expected, but it made the process of getting started so much easier. Taking the learnings from this away, I will have a post soon where I officially open source the infrastructure template I&#39;ve created. My hope is that this will help everyone run better CTFs themselves.</p><p class="paragraph" style="text-align:left;">Some changes I want to make include creating traditional test harnesses as well as agentic ones, so that LLMs can have a crack at challenges. This will give us an idea as to whether our challenges are solvable via LLMs and also help spot issues with availability and performance earlier.</p><h3 class="heading" style="text-align:left;" id="fresh-blood-in-the-challenge-creato">Fresh blood in the challenge creator space</h3><p class="paragraph" style="text-align:left;">I&#39;ve said it a million times but I am so thankful for our challenge writers. I have an extra pile of thanks for our new challenge writers. You&#39;ve become part of a strange dysfunctional family that is so much better for you being there. It takes a lot of courage to write a CTF challenge; you&#39;re basically asking people to hack something you made. We saw some awesome challenges from new creators that were fresh, vibrant and different.</p><h2 class="heading" style="text-align:left;" id="what-we-could-do-better">What we could do better</h2><h3 class="heading" style="text-align:left;" id="start-earlier-we-try">Start earlier (we try)</h3><p class="paragraph" style="text-align:left;">My perpetual dream with every CTF is that I wish I&#39;d started earlier. This is a pretty hard ask for our volunteers and creators so it&#39;s probably going to stay a wish. There are definitely project management and organisational style bits and bobs we could implement as well.</p><h3 class="heading" style="text-align:left;" id="expand-our-challenge-base">Expand our challenge base</h3><p class="paragraph" style="text-align:left;">Lots of great feedback this year about blue team and forensics challenges. These are things we&#39;d love to have more of. Our challenge make up currently reflects our creators, that is very web/offensive sec heavy. Variety is the spice of life. So if you&#39;re interested in becoming a challenge writer please reach out to me. There is so much to gain from it and writing challenges is such a great way to validate understanding. We are open to any challenge from anyone and if you&#39;re looking for ideas we are also full of those.</p><h3 class="heading" style="text-align:left;" id="embrace-ai">Embrace AI</h3><p class="paragraph" style="text-align:left;">I&#39;ve said enough about this above. There is more we can do in this space and we will.</p><p class="paragraph" style="text-align:left;">Happy hacking and see you next year.</p></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=41003c81-0274-4c65-b809-1406a6ee8b73&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

      <item>
  <title>Is AI security really different from ProdSec?</title>
  <description>TLDR; The majority of AI security is product or application security fundamentals applied to a new context. </description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/0b6fe38f-025c-405e-bee7-3f1bf839789d/NPM.jpg" length="125853" type="image/jpeg"/>
  <link>https://www.offendedsecurity.net/p/is-ai-security-really-different-from-prodsec</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/is-ai-security-really-different-from-prodsec</guid>
  <pubDate>Tue, 11 Nov 2025 04:37:34 +0000</pubDate>
  <atom:published>2025-11-11T04:37:34Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[Ai]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;"><a class="link" href="https://magic.beehiiv.com/v1/e40869ad-e8ef-4b50-82cb-48beffe4b820?email={{email}}&utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=is-ai-security-really-different-from-prodsec" target="_blank" rel="noopener noreferrer nofollow">Subscribe to get the next post delivered directly to your inbox</a></p><p class="paragraph" style="text-align:left;">In the mid-to-late 1800s humanity developed the humble beginnings of evidence based western medicine, doctors treated illness using medication (mostly opium) and performed basic surgery. We began to see reductions in mortality rates and improvements in public health. Medical history of course, didn’t end in the 1800s, beginning in the 1870s new “medical” boom occurred: patent medicine vendors travelling the countryside pitching cures. </p><p class="paragraph" style="text-align:left;">These cures weren’t for diseases that medicine was already addressing such as cholera or typhoid rather they were for entirely new ailments. Fun sounding diseases such as americanitis (the disease of living too fast), neurasthenia (exhaustion with technology) and hysteria (a dark stain on our medical history) became the modern plague. They weren’t pitched as evolutions of known diseases, rather they were new conditions that medicine couldn’t understand because it was “outdated”. Opium? How quaint, Surgery? How barbaric. </p><p class="paragraph" style="text-align:left;">The new era of disease required a new proprietary fix with its own new secret ingredients. Vendors would publish almanacs, hold lectures and make charts flooded with medical-adjacent terms and classification systems. Suddenly everyone wanted, nay, needed <a class="link" href="https://www.neh.gov/article/dr-kilmers-curious-cure-all?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=is-ai-security-really-different-from-prodsec" target="_blank" rel="noopener noreferrer nofollow">Dr Kilmer’s Swamp Root</a> or <a class="link" href="https://embryo.asu.edu/pages/lydia-pinkhams-vegetable-compound-1873-1906?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=is-ai-security-really-different-from-prodsec" target="_blank" rel="noopener noreferrer nofollow">Lydia Pinkham’s Vegetable Compound</a>. Doctors were dismayed, and pointed out that these new conditions were in fact just anxiety, poor diet or depression wrapped into a much better looking wrapper. This was dismissed by the public and the patent vendors as just them “not getting it”, they were out of date dinosaurs that hadn’t yet adapted to the reality of the new disease. </p><p class="paragraph" style="text-align:left;">Why is this relevant? Well, patent medicines did sometimes contain novel active ingredients (usually boatloads of cocaine and alcohol). Some potentially might have worked. Instead of integrating these discoveries or understandings into medicine, vendors built entire parallel industries around them, replete with new diagnostic frameworks and certifications. This didn’t stop in the US until 1906 when the Pure Food and Drug Act forced vendors to disclose ingredients and stop making fraudulent claims.</p><p class="paragraph" style="text-align:left;">Flash forward to the present, in the mid to late 2010s humanity developed the humble beginnings of functional AI. Whilst the concept for a large language model had existed for a while, the emergence of both the internet and affordable hardware enabled scale beyond our wildest dreams. The history of AI didn’t end in the 2010’s, in the early to late 2020’s we started to see these tools explode. The adoption of these tools without consideration or planning led to the development of an entire industry built around the need to secure these tools. This industry created its own taxonomy of threats with pretty charts and lectures designed to legitimise it. Prompt injection, emergent capabilities and model poisoning became all the rage.</p><p class="paragraph" style="text-align:left;">This new era of threats required it&#39;s own proprietary practices, tools and teams. Suddenly everyone wanted what these vendors were selling. Security practitioners were dismayed and pointed out that these new conditions were in-fact just product and application security wrapped into a different, more appealing wrapper. </p><p class="paragraph" style="text-align:left;">Why is this relevant? Well there is some truth to the idea that novel security challenges exist within AI, but it’s being packaged as if there is a need for it to operate separately from ProdSec and AppSec. There is an entire parallel industry being created when its really just an extension of our existing practices with some new learnings necessary.</p><p class="paragraph" style="text-align:left;">The patent medicine industry for today’s <b>ai</b>lment is inventively named AI security.</p><p class="paragraph" style="text-align:left;">We’re in an AI boom/bubble/whatever, I am not going to debate about the validity or reality of it because it isn’t relevant. You, me and everyone else have got a job to do and that job most likely involves securing something that is getting or already has AI, regardless of our feelings or opinions. Technology being technology and hype-cycles being hype-cycles we have quickly found ourselves facing a petri-dish of half-baked immature technology smearing rapidly expanding lifeforms all over the place. We’re also continually being bombarded with the latest and greatest solution to fix the problems that tend to occur when half-baked immature technology gets unleashed upon business and individuals alike. What are these problems? Are they something unique? My argument (if it wasn’t already clear) is <b>no</b> and <b>no.</b></p><p class="paragraph" style="text-align:left;">AI Security is largely just ProdSec and/or AppSec. Note: I say largely, because there is legitimate necessity for researchers to focus on novel attacks that might arise within these models and a need to update our classification methodologies. Furthermore there is space for new approaches to solving problems and ways that we can use these tools to our benefits. But as a defender/blue/purple teamer I struggle to see the need for this to exist as a separate discipline. </p><p class="paragraph" style="text-align:left;">AI systems are just software systems (usually APIs) with unusual/quirky characteristics. They take inputs, process them (through parameters as opposed to explicit logic) and produce outputs. The concerns these systems create map neatly to traditional product security domains. To clarify this I have outlined some of them below:</p><p class="paragraph" style="text-align:left;"><b>Prompt Injection </b>aka Input Validation Failure - </p><p class="paragraph" style="text-align:left;">Regardless as to if you’re sanitising SQL inputs or sanitising prompts to prevent injection, the pattern is identical. We have our methods for addressing this including:</p><ul><li><p class="paragraph" style="text-align:left;">Input sanitisation</p></li><li><p class="paragraph" style="text-align:left;">Structured input formats</p></li><li><p class="paragraph" style="text-align:left;">Delimiters between system instructions and user input</p></li><li><p class="paragraph" style="text-align:left;">Filtering layers before processing (anyone heard of a WAF before)</p></li><li><p class="paragraph" style="text-align:left;">Output validation</p></li><li><p class="paragraph" style="text-align:left;">Principle of least privilege</p></li><li><p class="paragraph" style="text-align:left;">Input length limiting and rate limiting </p></li></ul><p class="paragraph" style="text-align:left;"><b>Jailbreaking </b>aka AuthN/AuthZ Bypass -</p><p class="paragraph" style="text-align:left;">Securing who can query your data and under what circumstances is the same problem whether its a model or an API.</p><ul><li><p class="paragraph" style="text-align:left;">System level guardrails independent of the model</p></li><li><p class="paragraph" style="text-align:left;">Filtering layers before and after processing</p></li><li><p class="paragraph" style="text-align:left;">Behavioural analysis for detecting policy violations</p></li><li><p class="paragraph" style="text-align:left;">Principle of least privilege</p></li><li><p class="paragraph" style="text-align:left;">Monitoring for known patterns (WAF again)</p></li></ul><p class="paragraph" style="text-align:left;"><b>Model Poisoning </b>aka Software Supply Chain attack -</p><p class="paragraph" style="text-align:left;">A poisoned npm package and a backdoored model weight from Hugging Face are exactly the same threat category. Both are just third party dependencies</p><ul><li><p class="paragraph" style="text-align:left;">Model provenance tracking and signing</p></li><li><p class="paragraph" style="text-align:left;">Model sourcing decisions</p></li><li><p class="paragraph" style="text-align:left;">SBOMs</p></li><li><p class="paragraph" style="text-align:left;">Dependency scanning</p></li><li><p class="paragraph" style="text-align:left;">Code review</p></li><li><p class="paragraph" style="text-align:left;">Integrity of training pipelines</p></li><li><p class="paragraph" style="text-align:left;">Controlled training environments</p></li><li><p class="paragraph" style="text-align:left;">Version control</p></li></ul><p class="paragraph" style="text-align:left;">This mapping continues all the way up and down the threat landscape and I might dedicate a large post to this alone. </p><p class="paragraph" style="text-align:left;">So what&#39;s the prescription from this ProdSec lead? Extend your existing ProdSec/AppSec program to cover AI systems. Train your team on the quirks of probabilistic behaviour and adversarial ML, yes. Add some new tools for model scanning and prompt testing, absolutely. But don&#39;t create a parallel security organisation. Don&#39;t buy a vendor platform that treats AI security as fundamentally separate from the rest of your security posture. The patent medicine era ended when regulators forced transparency about ingredients. The AI security vendor boom will end when organisations realise they already have most of the ingredients in their existing security programs, they just need to apply them to a new (if quirky) type of software system.</p><p class="paragraph" style="text-align:left;">The patent medicine vendors were selling sugar water with cocaine. The AI security vendors are selling you AppSec/ProdSec with buzzwords. Some of the ingredients are genuinely useful. Most of what you need, you already have.</p></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=19379632-17e2-4f6b-91cb-0a3db45af0a6&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

      <item>
  <title>Practical short term steps for managing supply chain risk in JavaScript/Python</title>
  <description>When it rains, it pours... too bad it has always been pouring in the NPM ecosystem</description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/e1fbddb8-eb5f-430b-b9a8-f4f4f700e408/NPM.png" length="1859706" type="image/png"/>
  <link>https://www.offendedsecurity.net/p/practical-steps-for-managing-supply-chain-risk-in-the-short-term</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/practical-steps-for-managing-supply-chain-risk-in-the-short-term</guid>
  <pubDate>Thu, 18 Sep 2025 02:12:45 +0000</pubDate>
  <atom:published>2025-09-18T02:12:45Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[Supply Chain]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;"><a class="link" href="https://magic.beehiiv.com/v1/e40869ad-e8ef-4b50-82cb-48beffe4b820?email={{email}}&utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank" rel="noopener noreferrer nofollow">Subscribe to get the next post delivered directly to your inbox</a></p><p class="paragraph" style="text-align:left;">If you’ve got an app that even tangentially touches NodeJS/NPM (really if you have eyes and ears) you’ve probably seen these.</p><div class="embed"><a class="embed__url" href="https://getsafety.com/blog-posts/shai-hulud-npm-attack?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank"><div class="embed__content"><p class="embed__title"> &quot;Shai-Hulud&quot; NPM attack runs malicious GitHub Action </p><p class="embed__description"> An NPM attack compromised dozens of popular packages which then ran malicious GitHub actions in the compromised accounts </p><p class="embed__link"> getsafety.com/blog-posts/shai-hulud-npm-attack </p></div><img class="embed__image embed__image--right" src="https://cdn.prod.website-files.com/679bcc1e8265c4f7b36f7d21/68c8d2659fc3e99eb7c79a50_shai-hulud-npm-attack-small.jpg"/></a></div><div class="embed"><a class="embed__url" href="https://www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank"><div class="embed__content"><p class="embed__title"> ctrl/tinycolor and 40+ NPM Packages Compromised - StepSecurity </p><p class="embed__description"> The popular @ctrl/tinycolor package with over 2 million weekly downloads has been compromised alongside 40+ other NPM packages in a sophisticated supply chain attack dubbed &quot;Shai-Hulud&quot;. The malware self-propagates across maintainer packages, harvests AWS/GCP/Azure credentials using TruffleHog, and establishes persistence through GitHub Actions backdoors - representing a major escalation in NPM ecosystem threats. </p><p class="embed__link"> www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised </p></div><img class="embed__image embed__image--right" src="https://cdn.prod.website-files.com/673b71f0790aabf30bd30bf8/68c9a9d8787a244b5826e523_Blog-Sept4-19.jpg"/></a></div><div class="embed"><a class="embed__url" href="https://socket.dev/blog/nx-packages-compromised?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank"><div class="embed__content"><p class="embed__title"> Nx npm Packages Compromised in Supply Chain Attack Weaponizi... </p><p class="embed__description"> Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malwa... </p><p class="embed__link"> socket.dev/blog/nx-packages-compromised </p></div><img class="embed__image embed__image--right" src="https://cdn.sanity.io/images/cgdhsj6q/production/249d9f4a8d2b086b2845a5071be5a794e2a6ec6d-1376x751.png?w=1000&q=95&fit=max&auto=format"/></a></div><p class="paragraph" style="text-align:left;">I am not going to spend a lot of time writing about these particular pieces of malware. The posts above such as that from my mate <a class="link" href="https://www.linkedin.com/in/mccartypaul/?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank" rel="noopener noreferrer nofollow">Paul McCarty</a> will do the job much better than I ever could.</p><p class="paragraph" style="text-align:left;">I am also not going to talk much about how to respond to this directly. To those affected I wish you a relatively peaceful IR process.</p><p class="paragraph" style="text-align:left;">Rather, I want to spend my words talking about how we as engineers, can move forward from this, providing some steps for short term solutions, plans for medium term solutions and then thought pieces about longer term plays. </p><p class="paragraph" style="text-align:left;">Key thoughts:</p><ul><li><p class="paragraph" style="text-align:left;">Our model of dependency trust is broken and has been broken since the foundation of package managers</p></li><li><p class="paragraph" style="text-align:left;">Industry standards for managing this risk are fundamentally faulty.</p></li><li><p class="paragraph" style="text-align:left;">Manifest-based composition analysis is at best a great distraction from improving your security posture</p></li><li><p class="paragraph" style="text-align:left;">Vulnerability management is less about managing vulnerabilities and more about managing expectations, CVSS/EPSS you name it, they are all largely awful. The number of CVE’s never gets smaller and your system never gets more secure.</p></li><li><p class="paragraph" style="text-align:left;"><a class="link" href="https://en.wikipedia.org/wiki/Reachability_analysis?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank" rel="noopener noreferrer nofollow">Reachability analysis</a> might give us some relief from this but I’ve yet to see if actually provide benefits to triaging vulnerabilities.</p></li></ul><p class="paragraph" style="text-align:left;">Anyways on to the actual practical bits, this post is going to examine short term solutions for JavaScript and Python in a very compressed manner. I will take a look at other languages in future posts.</p><h2 class="heading" style="text-align:left;" id="pinning-dependencies">Pinning dependencies</h2><p class="paragraph" style="text-align:left;">Dependencies are typically specified within two key file types, <b>manifest files </b>and <b>lock files</b>. Manifest files <code>package.json</code>, <code>go.mod</code>) typically contain the list of direct dependencies e.g. ones you have explicitly installed via <code>npm install</code> or <code>pip install</code> . <b>Lock files</b> on the other hand contain not only the direct dependencies but they typically also contain indirect or transitive dependencies as well as some form of cryptographic verification information (largely used to reduce downloading things that haven’t changed or preventing corruption).</p><p class="paragraph" style="text-align:left;">The dependencies within <b>manifest </b>files are declared typically using a <b>constraint format</b> such as <code>package_name@&gt;1.2.3</code> this would indicate that we are seeking to install the dependency <code>package_name</code> with a version greater than <code>1.2.3</code> from a package repository.</p><p class="paragraph" style="text-align:left;">Version tags as represented within most dependency repositories once published are typically available forever. There are circumstances where a package may need to be removed (such as cases of supply chain compromise) and the behaviour of the registries vary. You can see a breakdown of behaviours below.</p><table width="100%" class="bh__column_wrapper"><tr><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>NPM</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: 404</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: </b>Limited unpublishing (24-72 hours after publish) plus other conditions</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>Tombstone/placeholder for established packages</p></li></ul></td><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>PyPi</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: 404</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: </b>Authors can delete releases but not entire projects easily</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>&quot;Yanked&quot; releases - hidden but metadata visible</p></li></ul></td></tr></table><table width="100%" class="bh__column_wrapper"><tr><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>Maven Central</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: Never returns 404</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: Never deletes</b> - core immutability principle</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>Deprecation warnings only</p></li></ul></td><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>RubyGems</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: 404</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: </b>Complete removal possible but discouraged</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>&quot;Yank&quot; versions - hidden from search</p></li></ul></td></tr></table><table width="100%" class="bh__column_wrapper"><tr><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>Cargo</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: Normal response with warning</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: Cannot delete</b> once published</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>&quot;Yank&quot; versions - unavailable for new projects</p></li></ul></td><td width="50%" class="bh__column"><p class="paragraph" style="text-align:left;"><b>NuGet</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Response Code</b>: 404</p></li><li><p class="paragraph" style="text-align:left;"><b>Removal Policy: </b>Complete deletion allowed for package owners</p></li><li><p class="paragraph" style="text-align:left;"><b>Alternative Actions: </b>&quot;Unlist&quot; packages - hidden from search</p></li></ul></td></tr></table><p class="paragraph" style="text-align:left;">We can see that some registries actually don’t have facilities for removal whatsoever rather they rely upon the behaviour of the package manager itself. </p><p class="paragraph" style="text-align:left;">These behaviours combined with the typical constraint definition within manifest files create the first component of supply chain risk. </p><p class="paragraph" style="text-align:left;">Going back to the <code>package_name@&gt;1.2.3</code> example. When all is working, a maintainer publishes <code>1.2.4</code> and you run <code>npm install</code> which ultimately results in you getting <code>v1.2.4</code> of <code>package_name</code>. What happens if (like recent compromises) a bad actor publishes <code>v.1.2.5</code> ? Well next time you run <code>npm install</code> you’re getting the bad version and its game over.</p><p class="paragraph" style="text-align:left;">How do we fix this?</p><h3 class="heading" style="text-align:left;" id="provide-strict-constraints">Provide strict constraints</h3><p class="paragraph" style="text-align:left;">Define your dependencies using explicit constraints rather than wide constraints. For example you should specify <code>package_name@1.2.4</code> rather than <code>package_name@&gt;1.2.3</code></p><p class="paragraph" style="text-align:left;">This only protects your direct dependencies, unfortunately most dependencies have dependencies and they may not specify their dependencies in a manner that is as strict as yours.</p><h3 class="heading" style="text-align:left;" id="use-deterministic-operating-modes">Use <a class="link" href="https://en.wikipedia.org/wiki/Deterministic_algorithm?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=practical-short-term-steps-for-managing-supply-chain-risk-in-javascript-python" target="_blank" rel="noopener noreferrer nofollow">deterministic</a> operating modes</h3><p class="paragraph" style="text-align:left;">The largest cause of frustration and introducer of risk within dependency managers is when they operate in a non-deterministic manner, NPM is a great example of this behaviour: </p><p class="paragraph" style="text-align:left;">Running <code>npm install</code> results in an interesting set of behaviours</p><ul><li><p class="paragraph" style="text-align:left;">Install performs a full dependency resolution which makes it slow. This process is necessary if you don’t already have a <code>package-lock.json</code> but is entirely superfluous if you do. </p></li><li><p class="paragraph" style="text-align:left;">If dependencies (either direct or indirect) have loose constraints <code>install</code> will update them transparently without prompting. This is fine if you intend it, but can be a disaster when security is the aim.</p></li></ul><p class="paragraph" style="text-align:left;">Arguably this violates the entire point of a <b>lock file</b> but hey.</p><p class="paragraph" style="text-align:left;">NPM offers an alternative install mode called <code>ci</code> which is designed to install exactly what is within the <code>package-lock.json</code> and will fail if it doesn’t match or can’t be installed.</p><p class="paragraph" style="text-align:left;">So for NPM people:</p><ul><li><p class="paragraph" style="text-align:left;"><b>Developers:</b> Use <code>npm install</code> when adding or upgrading dependencies, then commit <code>package-lock.json</code>. Afterwards use <code>npm ci</code></p></li><li><p class="paragraph" style="text-align:left;"><b>CI/CD & Production:</b> Always use <code>npm ci</code> to guarantee a clean, reproducible install.</p></li></ul><p class="paragraph" style="text-align:left;">I’ve highlighted similar operating modes for other dependency tools within the Javascript/Python ecosystem.</p><div style="padding:14px 15px 14px;"><table class="bh__table" width="100%" style="border-collapse:collapse;"><tr class="bh__table_row"><th class="bh__table_header" width="33%"><p class="paragraph" style="text-align:left;">Package Manager</p></th><th class="bh__table_header" width="33%"><p class="paragraph" style="text-align:left;">npm ci Equivalent</p></th><th class="bh__table_header" width="33%"><p class="paragraph" style="text-align:left;">Deterministic</p></th></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">yarn</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>yarn install --frozen-lockfile</code> or <code>yarn install --immutable</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">pnpm</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>pnpm install --frozen-lockfile</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">bun</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>bun install --frozen-lockfile</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">pip</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>pip-sync</code> (pip-tools)</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">⚠️ Limited (External tool)</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">Poetry</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>poetry install</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">Pipenv</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>pipenv sync</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr><tr class="bh__table_row"><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">uv</p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;"><code>uv sync --frozen</code></p></td><td class="bh__table_cell" width="33%"><p class="paragraph" style="text-align:left;">✅ Yes</p></td></tr></table></div><p class="paragraph" style="text-align:left;"><b>Pythonistas:</b> I recommend the use of Astral’s <code>uv</code> dependency manager. It’s just all around better than any other dependency manager from a speed and safety perspective.</p><p class="paragraph" style="text-align:left;"><b>Js/Ts Developers:</b> I recommend the use of <code>bun</code> or <code>pnpm</code>. Again these are just all around better than the other options.</p><div class="blockquote"><blockquote class="blockquote__quote"><p class="paragraph" style="text-align:left;">Use deterministic operating modes of dependency managers combined with explicit version constraints to ensure you aren’t getting the latest versions of dependencies without explicitly seeking them. </p><figcaption class="blockquote__byline"> Takeaway 1 </figcaption></blockquote></div><h2 class="heading" style="text-align:left;" id="pinning-dependencies">Disabling or limiting lifecycle scripts</h2><p class="paragraph" style="text-align:left;">A common feature of dependency managers is their ability to run scripts through the lifecycle of the package install process e.g. pre/post install. These are also an extremely common attack path for malware authors as they tend to be overlooked by security tooling. Sources for numbers below will be provided in a research doc.</p><h4 class="heading" style="text-align:left;" id="javascript">Javascript</h4><ul><li><p class="paragraph" style="text-align:left;"><b>Total Packages:</b> 2.5M+</p></li><li><p class="paragraph" style="text-align:left;"><b>Lifecycle Hooks:</b> 2.2% use install scripts (~55,000)</p></li><li><p class="paragraph" style="text-align:left;"><b>Malicious Usage</b>: 0.9-1.3% </p></li></ul><p class="paragraph" style="text-align:left;">The Javascript ecosystem is the clearest case for disabling lifecycle hook scripts<b>,</b> several modern dependency managers such as <code>bun</code> and <code>pnpm</code> actually do this by default. They require you to explicitly enable each lifecycle hook for each dependency that has them. If switching dependency managers isn’t possible you are best served by disabling them via the <code>npm ci --ignore-scripts</code> command. If you’re in the rare situation where you need a script it is best to look at moving to <code>bun</code> or <code>pnpm</code>.</p><h4 class="heading" style="text-align:left;" id="javascript">Python</h4><ul><li><p class="paragraph" style="text-align:left;"><b>Total Packages: </b>530K+</p></li><li><p class="paragraph" style="text-align:left;"><b>Lifecycle Hooks: </b>~33% use setup.py (~175,000)</p></li><li><p class="paragraph" style="text-align:left;"><b>Malicious Usage: </b>0.06-0.2%</p></li></ul><p class="paragraph" style="text-align:left;">The Python ecosystem is a little less clear, unfortunately there isn’t a direct guaranteed means of disabling pre-install scripts nor does the data really support it. There is the ability if you’re operating with a relatively well supported set of dependencies to force the installation of binary <code>wheel</code> formats rather than building anything from source. </p><p class="paragraph" style="text-align:left;">Python as an interpreted language relies heavily upon system libraries get a lot of its work done. Some of this code needs to be built for specific systems but in most cases the interfaces they interact with are common enough across a set of systems (or the dependencies license permissive enough) that they can be pre-compiled and distributed as binary that will run just work. In the Python ecosystem these are called <code>wheels</code> a wheel is basically zip file that contains the python source as well as the binary extensions. </p><p class="paragraph" style="text-align:left;">Using <code>wheels</code> means you don’t execute the <code>setup.py</code> script which closes down a vector of risk. You can force <code>pip</code> and <code>uv</code> to attempt to only use <code>wheels</code> by passing the <code>--only-binary=all</code> command. This will fail if a dependency you’re using doesn’t have a wheel though. In <code>pip</code> you can also pass a list of dependencies that you want installed only from <code>wheel</code> so this allows you to find the ones that have <code>setup.py</code> scripts and specify them. Luckily <code>uv</code> is just plain better and allows you to pass <code>--no-binary=some-other-package package_name</code> as well, so you can specify exactly the dependencies to install from source and just audit those for risk. If you combine this with the previous suggestion of dependency pinning you are narrowing the window of risk down to when you legitimately update the dependencies that you allow pre-install scripts to run in during a supply chain attack.</p><div class="blockquote"><blockquote class="blockquote__quote"><p class="paragraph" style="text-align:left;">Disable lifecycle scripts within the Javascript and Python ecosystems to limit your exposure to malware.</p><figcaption class="blockquote__byline"> Takeaway 2 </figcaption></blockquote></div><h5 class="heading" style="text-align:left;" id="thats-enough-for-now-i-will-spend-a">That’s enough for now, I will spend a bit of time on Java for the next post. </h5><p class="paragraph" style="text-align:left;"></p></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=1a4a2d22-4e54-4d67-a818-ba85d35d7f9b&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

      <item>
  <title>Pragmatic AppSec: Part 1 - A map that reflects the territory</title>
  <description>Level 0 maturity</description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/af7e9d46-fa3d-403c-8a9a-35792472f3d8/Map.png" length="1901608" type="image/png"/>
  <link>https://www.offendedsecurity.net/p/pragmatic-appsec-part-1-a-map-that-reflects-the-territory</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/pragmatic-appsec-part-1-a-map-that-reflects-the-territory</guid>
  <pubDate>Fri, 12 Sep 2025 04:47:31 +0000</pubDate>
  <atom:published>2025-09-12T04:47:31Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[Pragmatic Appsec]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;"><b>Welcome to my new series: Pragmatic AppSec.</b> It aims to provide security professionals at organisations that are AppSec curious with the necessary information to kickstart a program. </p><p class="paragraph" style="text-align:left;">AppSec, whilst being extremely effective is frequently deprioritised, the success of it at an organisation is frequently dependent upon a single engineers willingness to drive it. It’s important to note that this series is based off my own experience and every business is different. The aim is to make this as agnostic as possible because AppSec is for everyone that has an App. I’ve been at large companies, medium companies and very small companies and have seen and implemented various versions of this. You will see me frequently talk about discovering business needs and appetites, this is an important aspect of any cybersecurity program: <b>your solution needs to be right-sized to risk, resource and scale.</b></p><div class="blockquote"><blockquote class="blockquote__quote"><p class="paragraph" style="text-align:left;">Throughout the series you will see sections called Pragmatic Mantras these are designed to be thought-provoking callouts that help highlight useful tools of thought.</p><figcaption class="blockquote__byline"> Pragmatic Mantra Example </figcaption></blockquote></div><h1 class="heading" style="text-align:left;" id="prerequisites">Prerequisites</h1><p class="paragraph" style="text-align:left;">There is no specific profile of what makes a good Appsec engineer or leader. What you’ve done in the past just determines how much work you’ll need to do to give people the right information and support. That being said there are a few stereotypical archetypes within the Appsec sphere. I’ve outlined these below for posterity.</p><p class="paragraph" style="text-align:left;"><b>The former pentester</b>: a lot of people in the field have worked in offensive security. This history shows in the way that they approach solving application security problems. I’d argue this strain of thinking dominates Appsec, sometimes to its detriment. </p><p class="paragraph" style="text-align:left;"><b>The compliance person: </b>There is strain of compliance framework driven approaches to AppSec. This attracts a compliance centric archetype to the role. Again this background shows in the way the program runs and problems are solved. </p><p class="paragraph" style="text-align:left;">There is nothing inherently right or wrong with these archetypes and their approaches will suit different businesses differently. </p><p class="paragraph" style="text-align:left;">Fun fact: I don’t come from either of these backgrounds and a lot of the best Application security engineers I’ve met don’t either. To reflect this I figured I’d do my least favourite thing and talk about myself.</p><p class="paragraph" style="text-align:left;"><b>What is my background?</b></p><p class="paragraph" style="text-align:left;">That’s a bit of a weird one, I started by studying tech at university and spent some time writing software. I very quickly discovered that I did not want to do that and ran to Systems Administration. This changed very early onto my career into DevOps and SRE and Security kind of just led from there.</p><p class="paragraph" style="text-align:left;">The common thread woven throughout this is that I’ve spent a lot of time <b>being close to engineers</b>. DevOps and SRE was all about the product and engineering interface and Developer efficiency was my aim. My early security roles were all about securing developers either through building a product for them or working as a security engineer within Developer Platforms teams. Engineers productivity and safety was the ultimate deliverable for those roles.</p><p class="paragraph" style="text-align:left;">As you will soon see successful Application Security <i><b>requires working closely and considerately with engineers</b></i>. Their productivity is the primary currency (aside from dollars) that we spend when we add security to a process.</p><div class="blockquote"><blockquote class="blockquote__quote"><p class="paragraph" style="text-align:left;">Engineers productivity is the currency of AppSec, spend it wisely</p><figcaption class="blockquote__byline"> Pragmatic Mantra 1 </figcaption></blockquote></div><hr class="content_break"><p class="paragraph" style="text-align:left;">Part 1 of this series looks at creating a common understanding of not only what AppSec is, but the establishment of an underlying map that helps guide you towards success. It’s not the most practical of the series but is certainly one of the most important. We are establishing the common language a.k.a the<i> lingua franca </i>of AppSec.</p><h1 class="heading" style="text-align:left;" id="what-is-app-sec">What is AppSec?</h1><p class="paragraph" style="text-align:left;">AppSec, rightly or wrongly, means a lot of different things to different people and that’s great! But for a program to work we need a common definition. Security historically was an afterthought, we built software and then worried about security. This is generally regarded as a bad idea, software is a brittle and fickle entity that will happily work its way around any badly structured controls. As the concept of SaaS became the predominate form of software consumption we quickly discovered through black eyes and breaches that we needed to change how we approached software security. Application Security or AppSec arose to fill this need. </p><p class="paragraph" style="text-align:left;"><br>If you asked most people what AppSec is the answer you will get is something along the lines of:</p><p class="paragraph" style="text-align:left;"><i>Application security is the practice of protecting software applications throughout their lifecycle by identifying, fixing and preventing security vulnerabilities through secure coding practices, automated testing tools, security reviews and runtime protection.</i></p><p class="paragraph" style="text-align:left;">This is a great description of the kinds of tools and processes that are involved in an AppSec program but I would argue it really misses the crux of AppSec. <b>Culture</b></p><p class="paragraph" style="text-align:left;">I like to define AppSec as:</p><p class="paragraph" style="text-align:left;"><i>Application Security (AppSec) is the practice of empowering engineering teams to build secure software through architectural guidance and frictionless, well-integrated tooling that enhance delivery velocity rather than impede it. AppSec prioritises secure architecture and design guidance over tooling alone, with tools serving to support and execute that guidance effectively. Success depends on cultivating a security-conscious culture and communicating meaningful metrics tailored to both engineering teams (actionable technical insights) and management (business risk and program effectiveness).</i></p><p class="paragraph" style="text-align:left;"><i><b>Yeah, it’s a mouthful. I promise I will explain it better in the future.</b></i></p><h2 class="heading" style="text-align:left;" id="a-rationale-for-thinking-this-way">A rationale for thinking this way</h2><p class="paragraph" style="text-align:left;">Now this definition might raise eyebrows, for starters, shift-left happened and we are still dealing with the side effects of that. Why are we focussing on developers? Shift-left and historical approaches like it made a series of mistakes when attempting to involve developers into the security cycle; <b>for starters developers are not security people. </b>The approach I advocate for in the above definition and this series corrects these mistakes by ensuring that responsibility still lies with the AppSec function. </p><p class="paragraph" style="text-align:left;"><b>We are engineers as well </b>and therefore need to be at the centre or at the very least operating within the confines of the engineering function at an organisation. Our aim is not to make security developers responsibility, rather we seek to encourage them to build in a manner that is inherently secure. This aim is achieved through guidance, involvement, understanding and consideration. </p><p class="paragraph" style="text-align:left;">Whenever your thinking about how to approach this:</p><ul><li><p class="paragraph" style="text-align:left;">Developers do not exist to fix our vulnerabilities <b>they have a product to deliver</b>. We need to enable them to deliver a product and do it in a way that addresses our vulnerabilities.</p></li><li><p class="paragraph" style="text-align:left;">Developers are <b>experts at writing software</b>. We need to mirror this expertise and innately understand what they are doing. </p></li><li><p class="paragraph" style="text-align:left;">Developers are <b>overburdened and frequently under the pump</b>. We need to be a pressure relief valve and encourage them to help us find pressure points. </p></li><li><p class="paragraph" style="text-align:left;">Developers <span style="text-decoration:underline;"><b>want</b></span> to maintain their software and have a functioning safe development environment but frequently lack the ability or capacity to obtain justification for doing so. We need to help them get that justification.</p></li></ul><h1 class="heading" style="text-align:left;" id="the-virtuous-cycle-of-success-in-ap">The virtuous cycle of success in AppSec</h1><p class="paragraph" style="text-align:left;">At the core of any AppSec program you should have three core aims/principles/objectives/goals whatever floats your boat. I’ve created the following acronym as a memorisation method.</p><p class="paragraph" style="text-align:left;">Mould, Advise, Publicise - <b>M.A.P</b></p><ul><li><p class="paragraph" style="text-align:left;"><b>Mould</b>: Shape a security conscious, blame-free culture centred around collaboration that empowers engineers, whilst enabling you to ask for things when you need them.</p></li><li><p class="paragraph" style="text-align:left;"><b>Advise: </b>Provide suitable guidance/advice/support and enable it with tooling that is velocity considerate and meets developers where they are.</p></li><li><p class="paragraph" style="text-align:left;"><b>Publicise: </b>Expose and communicate success in a manner suitable to your audience - both engineers and leadership.</p></li></ul><p class="paragraph" style="text-align:left;">Each of these objectives sustain and nurture each other and will enable you to achieve whatever security/risk aims your company has.</p><p class="paragraph" style="text-align:left;">What does this look like in practice? <b>A virtuous cycle of success</b></p><div class="image"><img alt="" class="image__image" style="" src="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/e13cf2c8-de8c-4358-bc9c-004df839050f/M.A.P.png?t=1757642371"/><div class="image__source"><span class="image__source_text"><p>The M.A.P that reflects the territory</p></span></div></div><p class="paragraph" style="text-align:left;">Moulding a culture helps you identify opportunities to advise, these give you success to publicise which then encourages further cultural improvements. The self-sustaining nature of this cycle creates a positive feedback loop that ultimately drives you towards a successful AppSec program. </p><h2 class="heading" style="text-align:left;" id="a-practical-example">A practical example</h2><p class="paragraph" style="text-align:left;">AppSec Engineer <b>Billie</b> has identified that we have a series of vulnerabilities within container images at the organisation that are persisting across multiple sprints. <b>Billie</b> has invested a lot of time with <i>Engineering Team A</i>. </p><p class="paragraph" style="text-align:left;">Through conversations and pair coding sessions she has identified that the reason they struggle to patch vulnerabilities in their containers is because they are just too complex. <b>Billie</b> has provided the engineers with a safe space to talk about frustrations and can readily map her needs to theirs.</p><p class="paragraph" style="text-align:left;"><b>Billie</b> offers to help them build better containers, focussing on the developer experience in communications. “Let’s make these easier for your team to iterate on these so that you can test our new versions of X language”</p><p class="paragraph" style="text-align:left;">Through iteration and work (yes she might be actually helping make a container) <b>Billie</b> has helped produced a container that not only aids the developers in their aims but also reduces the attack surface and vulnerability numbers substantially.</p><p class="paragraph" style="text-align:left;">This is communicated to engineering leadership as a win for developer productivity, to security leadership as a win for security and to engineers as a win for making their job easier.</p><p class="paragraph" style="text-align:left;"><i>Engineering Team B </i>enjoying the benefits of <i>Engineering Team A’s</i> new containers, reaches out to Billie and asks her to help them with their build pipeline. Billie has identified that vulnerabilities within CI/CD are not being readily maintained.</p><p class="paragraph" style="text-align:left;">And so on…</p><p class="paragraph" style="text-align:left;"><b>Thus the virtuous cycle sustains</b></p><p class="paragraph" style="text-align:left;"><i>Alright that’s enough for now</i></p><p class="paragraph" style="text-align:left;">In future posts we will examine each of these pillars in detail and look at how we can build them out but for now keep this model in mind as we delve deeper into this.<br></p><p class="paragraph" style="text-align:left;">Thanks for reading</p></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=d24d0e0d-cb75-47c3-8b5e-fa4c36e1a071&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

      <item>
  <title>Don&#39;t forget to do your damn job and tell people about it</title>
  <description>Remember to actually do what you need to do</description>
      <enclosure url="https://media.beehiiv.com/cdn-cgi/image/fit=scale-down,format=auto,onerror=redirect,quality=80/uploads/asset/file/2d75a0cf-ac83-4fa4-aa86-09a268a6f3d0/damnjob.png" length="1405920" type="image/png"/>
  <link>https://www.offendedsecurity.net/p/don-t-forget-to-do-your-damn-job-and-tell-people-about-it</link>
  <guid isPermaLink="true">https://www.offendedsecurity.net/p/don-t-forget-to-do-your-damn-job-and-tell-people-about-it</guid>
  <pubDate>Thu, 14 Aug 2025 14:00:00 +0000</pubDate>
  <atom:published>2025-08-14T14:00:00Z</atom:published>
    <dc:creator>Ben Gittins</dc:creator>
    <category><![CDATA[People And Processes]]></category>
  <content:encoded><![CDATA[
    <div class='beehiiv'><style>
  .bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; }
  .bh__table_cell { padding: 5px; background-color: #FFFFFF; }
  .bh__table_cell p { color: #2D2D2D; font-family: 'Helvetica',Arial,sans-serif !important; overflow-wrap: break-word; }
  .bh__table_header { padding: 5px; background-color:#F1F1F1; }
  .bh__table_header p { color: #2A2A2A; font-family:'Trebuchet MS','Lucida Grande',Tahoma,sans-serif !important; overflow-wrap: break-word; }
</style><div class='beehiiv__body'><p class="paragraph" style="text-align:left;">A good friend of mine who runs a great Appsec company, sent me <b><a class="link" href="https://charity.wtf/2021/03/07/know-your-one-job-and-do-it-first?utm_source=www.offendedsecurity.net&utm_medium=newsletter&utm_campaign=don-t-forget-to-do-your-damn-job-and-tell-people-about-it" target="_blank" rel="noopener noreferrer nofollow" style="color: rgb(191, 149, 249)">this great article</a></b> about a month ago. It wasn&#39;t new to me, but in recent weeks it&#39;s really been playing on my mind.</p><p class="paragraph" style="text-align:left;">This hit its peak when I gave a guest lecture at QUT to a class full of people looking to get into tech and cybersecurity. It was a great opportunity and I am extremely grateful for the chance to help guide the next generation of engineers.</p><p class="paragraph" style="text-align:left;">The job climate is obviously a little whack at the moment so the usual set of questions came up:</p><ul><li><p class="paragraph" style="text-align:left;">How do I get into X job?</p></li><li><p class="paragraph" style="text-align:left;">What can I do to stand out in an interview?</p></li></ul><p class="paragraph" style="text-align:left;">The kinds of advice I fall back to here beyond what they might be already doing are typically things like:</p><ul><li><p class="paragraph" style="text-align:left;">Have a portfolio</p></li><li><p class="paragraph" style="text-align:left;">Learn in public</p></li><li><p class="paragraph" style="text-align:left;">Broaden your skills</p></li><li><p class="paragraph" style="text-align:left;">Focus on the market and the needs of the businesses in it</p></li></ul><p class="paragraph" style="text-align:left;">It struck me after this lecture had concluded that a lot of these behaviours are exactly the kinds of extracurriculars mentioned in this article.</p><p class="paragraph" style="text-align:left;">These are the things that result in people getting stuck going from mid to senior and above roles (in an individual contributor space). <i><b>The irony of this thought occurring while I was doing exactly the kind of activity that&#39;s the subject of this article is not lost on me. Nor is the fact that I am writing about it in a blog article.</b></i></p><p class="paragraph" style="text-align:left;">It&#39;s a curious industry we work in (cybersecurity), the path to success in our roles is usually circuitous and tangled. The ability to demonstrate your impact when you&#39;re slowly cutting your way through the jungle is vital to your long term success, <i><b>it&#39;s also a skill that a lot of people lack.</b></i></p><p class="paragraph" style="text-align:left;">The most common method (at least from what I have seen) to make up for this shortfall is to focus on doing everything that isn&#39;t your job. You&#39;re part of the community, you&#39;re writing blog posts, maybe you maintain some open source projects. There is nothing wrong with that, we need people to shape communities, maintain software and share their thoughts; but you need to do your damn job be able to communicate the impact it&#39;s having.</p><p class="paragraph" style="text-align:left;">The idea of both actually having impact and communicating it is something so thoroughly missed in both formal education and informal education. It&#39;s also arguably why a lot of big tech companies have such awful approaches to role changes (10k word role change docs read by people that you&#39;ve never worked is so good right?). Forcing people to write large documents that justify their existence gives people that aren&#39;t doing their job, or lack the skills to demonstrate impact, the ability to spend time pretending they are doing their job. The need to create the appearance of impact also creates a whole graveyard of barely functioning PoC&#39;s propping up large tech companies. A lot of these same problems still exist in smaller contexts, the difference is that people just don&#39;t get promoted/maybe lose your job and/or the size of teams gets larger than it needs.</p><p class="paragraph" style="text-align:left;">Here&#39;s the rub, I&#39;ve always found it incredible just how much time people in security engineering roles have to write thought-pieces. Again irony, I am an engineering leader writing a thought piece blog. For full transparency, finding time write a blog is like herding cats for me, my participation in various groups and programs is a carefully negotiated dance and the rare occasion I get to do anything new it requires several rituals to all known gods.</p><p class="paragraph" style="text-align:left;">Enterprise security is rough, product security is frequently non-existent and we are always talking about just how threats never stop coming. We speak constantly about how we always need more people. All of this is to say that if you&#39;re taking the time to write a blog or run a community group you should consider whether you&#39;re doing your job and demonstrating your impact. This is a super vital time to consider this, the world is changing and regardless of your position on AI it will have an impact on how people do their jobs, the types of roles that are available and the quality of work people expect.</p><p class="paragraph" style="text-align:left;">So ask yourself an honest question am I:</p><ul><li><p class="paragraph" style="text-align:left;">doing my job</p></li><li><p class="paragraph" style="text-align:left;">demonstrating the impact</p></li></ul><p class="paragraph" style="text-align:left;">If the answer is yes to both, then great, thank you for your time.</p><p class="paragraph" style="text-align:left;">If the answer is no to either of these, well here is what can you do?</p><ol start="1"><li><p class="paragraph" style="text-align:left;">Do your damn job</p></li><li><p class="paragraph" style="text-align:left;">Measure your damn impact (if you don&#39;t know how I am going herd some cats and write posts for you)</p></li><li><p class="paragraph" style="text-align:left;">Talk about your damn outcomes</p></li><li><p class="paragraph" style="text-align:left;">If you&#39;ve still got time left over do the rest</p></li></ol></div><div class='beehiiv__footer'><br class='beehiiv__footer__break'><hr class='beehiiv__footer__line'><a target="_blank" class="beehiiv__footer_link" style="text-align: center;" href="https://www.beehiiv.com/?utm_campaign=6cd187cb-6073-42a8-bf31-18e7c029d80e&utm_medium=post_rss&utm_source=offended_security">Powered by beehiiv</a></div></div>
  ]]></content:encoded>
</item>

  </channel>
</rss>
