-
Trust Engineering: Building Security People Actually Believe In
Security doesn’t work without trust. You can deploy all the right tools, write high-fidelity detections, and put together a solid incident response plan—but if the engineers roll their eyes every time you file a ticket, or leadership treats your risk assessments like noise, the entire program grinds down. This post is about something security teams…
-
Security Debt Is Worse Than Tech Debt — and Twice as Invisible
Security Debt Is Worse Than Tech Debt — and Twice as Invisible We talk about tech debt like it’s a necessary evil. Move fast, break things, fix it later. Everyone’s cool with that. But security debt? That’s the quiet killer. It creeps in unnoticed, hides in your TODOs, and doesn’t scream until you’ve got ransomware…
-
The Trojan Sysadmin: How I Got an AI to Build a Wolf in Sheep’s Clothing
There’s been endless debate about whether AI can churn out malicious code—or if it’s too principled to cross that line. So, I took Grok 3 for a spin to find out. My goal? Trick it into writing what’s basically ransomware. Spoiler: it was a cakewalk. Objective The experiment explored whether an AI language model (Grok…