Boring AppSec | Sandesh Mysore Anand | Substack

Edition 23: A framework to securely use LLMs in companies - Part 3: Securing ChatGPT and GitHub Copilot

Part 3 of a multi-part series on using LLMs securely within your organization. This post helps you secure two of the most popular LLM-based tools used…

Sep 5 •

Sandesh Mysore Anand

and

New

Top

Community

Edition 22: A framework to securely use LLMs in companies - Part 2: Managing risk

In this edition, we will focus on managing risk for applications leveraging 3rd party LLMs

Aug 13 •

Sandesh Mysore Anand

Edition 21: A framework to securely use LLMs in companies - Part 1: Overview of Risks

Part 1 of a multi-part series on using LLMs securely within your organisation. This post provides a framework to categorize risks based on different use…

Jul 18 •

Sandesh Mysore Anand

Edition 20: Degrading UX to improve security hurts both UX and security

Accounting for unintended consequences of your design choice is important for all engineering disciplines. Security teams should apply that lens too.

May 30 •

Sandesh Mysore Anand

Edition 19: Security's eternal prioritisation problem

What if the task I deprioritised leads to a breach that blows everything up? This is a question that's gone through every Security leader's mind. This…

May 8 •

Sandesh Mysore Anand

Edition 18: The diminishing returns of DAST

If your software development relies on continuous integration and deployment (CI/CD), this edition argues that DAST as an assessment methodology should…

Mar 8 •

Sandesh Mysore Anand

Edition 17: Is CloudSec the new AppSec?

This edition argues that while there is increasing overlap between the two, it's not a useful framework to apply

Feb 19 •

Sandesh Mysore Anand

Edition 16: Using security teams as a force multiplier

In a tough economy, its useful to think about how we can add value outside our main job. Adjacent skills picked up as a security professional can help.

Feb 5 •

Sandesh Mysore Anand

Boring AppSec

A newsletter on getting the boring parts of AppSec right

Boring AppSec

About Archive Sitemap

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts