The Agentic Flattening
Twitter caused a real problem for the world. They “flattened” different contributors (experts, amateurs, trolls) into one feed with the same visual weight. You lost the contextual cues (credentials,
May 12, 20265 min read9
Command Palette
Search for a command to run...
#appsec
Articles tagged with #appsec
React2Shell: The Next Struts2-Style Bug Parade?
The React2Shell bug is giving me major déjà vu, and I think there are important lessons here in Abstract vs. Concrete Risk (maybe in B2B sales too—I haven’t fully thought that part through yet). In the 2010s, the Apache Struts team made (what appears...
Dec 8, 20254 min read51
The Battle of AI Wrappers vs. AI Systems
To do vulnerability triage, we use a number of tools: composable agents, workflows, zero-shot LLM calls, deep research, knowledge bases, code analysis tools — you get it. But, does any of it matter? We need to know if a simple “AI wrapper” from some ...
Oct 31, 20254 min read219
Pixee’s Approach to Security Focused UX and Design
An interview with Staff Product Designer Terra Caussin on bridging the gap between security and usability
Aug 28, 20255 min read304
The Illusion of Progress: Why Prioritization Alone Won't Make Us Safer
The Industry Needs Remediation, Not Just Prioritization
Mar 26, 20254 min read110