Login

Recent searches

No recent searches

Search options

Only available when logged in.
social.coop is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Fediverse instance for people interested in cooperative and collective projects. If you are interested in joining our community, please apply at https://join.social.coop/registration-form.html.

Administered by:

Server stats:

487
active users

social.coop: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#appsec

20 posts13 participants2 posts today
Public
Bill

Yeah, Copilot, I say the same thing as @bontchev - now do Windows.

microsoft.com/en-us/security/b

Microsoft Security Blog · Analyzing open-source bootloaders: Finding vulnerabilities faster with AI | Microsoft Security BlogUsing Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we identified and refined security issues, ultimately uncovering an exploitable integer overflow vulnerability in the GRUB2, U-boot, and Barebox bootloaders.
#copilot#appsec
Public
Paco Hope #resist

Some of my colleagues at #AWS have created an open-source serverless #AI assisted #threatmodel solution. You upload architecture diagrams to it, and it uses Claude Sonnet via Amazon Bedrock to analyze it.

I'm not too impressed with the threats it comes up with. But I am very impressed with the amount of typing it saves. Given nothing more than a picture and about 2 minutes of computation, it spits out a very good list of what is depicted in the diagram and the flows between them. To the extent that the diagram is accurate/well-labeled, this solution seems to do a very good job writing out what is depicted.

I deployed this "Threat Designer" app. Then I took the architecture image from this blog post and dropped that picture into it. The image analysis produced some of the list of things you see attached.

This is a specialized, context-aware kind of OCR. I was impressed at boundaries, flows, and assets pulled from a graphic. Could save a lot of typing time. I was not impressed with the threats it identifies. Having said that, it did identify a handful of things I hadn't thought of before, like EventBridge event injection. But the majority of the threats are low value.

I suspect this app is not cheap to run. So caveat deployor.
#cloud #cloudsecurity #appsec #threatmodeling

A typical AWS serverless architecture from the blog that I linked to. It shows a very large box representing an AWS account, and bunch of smaller boxes containing icons, with each box representing a capability (like file upload, users and authentication, etc). Inside each of those boxes are some icons representing services, like Lambda, IAM, Cognito, S3, etc.
An screen capture of a list of things in a web browser. The table header is labeled "Flows" and it lists flows like the following: End users authenticate through web browsers or mobile devices via Amplify and CloudFront to Cognito User Pools, potentially using External Identity Provider integration. Source: End Users, Target: Cognito User Pools Authenticated users make API requests through CloudFront and API Gateway to access backend services. Source: End Users. Target: API Gateway API Gateway routes authenticated requests to appropriate Lambda functions for processing. Source: API Gateway. Target: Lambda Functions
An screen capture of a list of things in a web browser. The table header is labeled "Assets" and it lists things like the following: End Users: Users that access the application through web browsers or mobile devices, interacting with the frontend interfaces External Identity Provider: Third-party authentication service integrated with Cognito for user authentication and authorization API Gateway: Manages all API requests, acts as the primary entry point for backend services, controls access to Lambda functions and business logic
A screenshot of a table in a web page. The header is labeled "Trust Boundary" and it contains items like: Public-to-private network boundary separating internet users from AWS cloud resources. Source: End Users. Target: CloudFront Distribution Authentication boundary validating user identity before allowing access to backend resources. Source: End Users. Target: Cognito User Pools External authentication service integration boundary. Source: Cognito User Pools. Target: External Identity Provider
#ai#threatmodel
ExploreLive feeds
About