Disovery is not the bottleneck!
There is a seductive logic to the current surge of optimism around AI-supported vulnerability discovery - a logic that is entirely based on a fundamental misunderstanding of the situation at hand.
More issues
No Pain, No Gain - How Impunity Perpetuates Failure
It’s time to treat cybersecurity incidents and data breaches like preventable disasters, not the inevitable cost of doing business.
A year in books - 2025
A list of all of the books I read in 2025, with a few notes attached to each of them.
Demand Without Development
The cybersecurity talent shortage is not just a problem of numbers, but of structure. By systematically avoiding the hiring and training of true junior staff, the industry is reinforcing a feedback loop that shrinks its own future workforce.
Your reporting should act as a yardstick.
Threat Intelligence reports often don't manage to adhere to basic principles of analytical work. But they should.
ssh-agent 🤝 systemd user-service
Marrying ssh-agent to a systemd user-service finally gave me peace of mind and saved me some keystrokes.
The Byzantine Heritage in Russian Security Culture
I would argue that Byzantium remains a key driver of Russian (strategic) security and intelligence culture. In this post I want to explore how I came to this conclusion and talk about how Byzantine "intelligence traditions" influenced Russian statecraft across the ages.
MITRE CVE Program - the past, the present .. and the (European) future.
The Common Vulnerabilities and Exposures (CVE) program is a globally adopted system for identifying and naming cybersecurity vulnerabilities with unique IDs. Established in 1999 by researchers at the MITRE Corporation (a U.S. non-profit R&D organization), CVE was created to ensure that different ..
A short(-ish) guide on information security writing
Whether you’re compiling incident notes at 3 AM, drafting a post-mortem report for the board or helping the marketing department to craft a blog post that will generate near endless riches for your employer - we may like it or not, the ability to produce qualitative ..
Understanding the Russian Way of Deterrence
Since the dawn of the nuclear age, deterrence has stood as one of the central pillars in international security policy. Initially conceptualized in the West to prevent total war through mutual threat of retaliation, ..