Elasticsearch 7 → 8 is not a simple upgrade.
It’s a migration.
New clients, #SecurityByDesign and API changes make this more complex than many teams expect — we’ve seen it firsthand.
We break down what really changes on the Karakun #DeveloperHub when moving from #Elasticsearch 7.17 to 8.19, including client updates, mappings and error handling.
Practical guide (incl. code & pitfalls):
https://dev.karakun.com/2026/03/26/elasticsearch-7-to-8-migration-guide.html
Was meint ihr wie meine Projektarbeit bei potentiellen Arbeitgebern ankommen wird?
"Evaluierung und Implementierung einer souveränen,
hyperkonvergenten Virtualisierungsplattform (HCI) zur resilienten Bereitstellung
kritischer Workloads in regulierten Umgebungen."
🇪🇺📢 As #ChatControl will hopefully end, a new study proves mass scanning tech is flawed & easily evaded. 🔬
To truly protect kids now, we must shift from broken algorithms to targeted police work 🕵️♂️ and strict #SecurityByDesign 🛡️.
Read: https://www.patrick-breyer.de/en/end-of-chat-control-paving-the-way-for-genuine-child-protection/
The controversial mass surveillance of private messages in Europe could soon come to an end. Negotiations between the European Parliament and EU member states regarding the extension of the so-called "Chat Control" concluded yesterday without an agreement. This means that starting April 4, US tech g
🇩🇪📢 Neue Studie passend zum mgl. #Chatkontrolle-Aus: Massenscan-Technik ist fehlerhaft und leicht zu umgehen. 🔬
Um Kinder jetzt wirklich zu schützen, brauchen wir gezielte Ermittlungen 🕵️♂️ und sichere Apps #SecurityByDesign 🛡️.
Infos: https://www.patrick-breyer.de/ende-der-chatkontrolle-weg-frei-fuer-echten-kinderschutz/
FUNDING SECURITY FOR PLACES OF WORSHIP
The SOAR guide explains how Security by Design measures can be financed through:
• Public and municipal funding
• Energy-efficiency grants
• Phased renovation planning
• Crowdfunding and donations
Includes examples from Germany, Hungary and France.
PDF:
https://soarproject.eu/wp-content/uploads/2022/12/Funding-Mechanisms-for-Places-of-Worship.pdf
🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻𝘀/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 (𝟮/𝟭𝟮): "Beyond Whiteboard Hacking: Master AI-Enhanced Threat Modeling" 𝗽𝗮𝗿/𝗯𝘆 Steven Wierckx (Toreon)
📅 Dates: May 11 and 12, 2026 (2 days)
📊 Difficulty: Medium
🖥️ Mode: On-Site
Description: "𝘛𝘩𝘪𝘴 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨 𝘵𝘢𝘬𝘦𝘴 𝘺𝘰𝘶 𝘥𝘦𝘦𝘱 𝘪𝘯𝘵𝘰 𝘵𝘩𝘦 𝘱𝘳𝘢𝘤𝘵𝘪𝘤𝘢𝘭 𝘸𝘰𝘳𝘭𝘥 𝘰𝘧 𝘵𝘩𝘳𝘦𝘢𝘵 𝘮𝘰𝘥𝘦𝘭𝘪𝘯𝘨, 𝘤𝘰𝘮𝘣𝘪𝘯𝘪𝘯𝘨 𝘩𝘢𝘯𝘥𝘴-𝘰𝘯 𝘦𝘹𝘦𝘳𝘤𝘪𝘴𝘦𝘴 𝘢𝘯𝘥 𝘳𝘦𝘢𝘭-𝘸𝘰𝘳𝘭𝘥 𝘴𝘤𝘦𝘯𝘢𝘳𝘪𝘰𝘴. 𝘛𝘩𝘪𝘴 𝘩𝘢𝘯𝘥𝘴-𝘰𝘯 𝘵𝘩𝘳𝘦𝘢𝘵 𝘮𝘰𝘥𝘦𝘭𝘪𝘯𝘨 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨 𝘰𝘧𝘧𝘦𝘳𝘴 𝘢𝘯 𝘪𝘮𝘮𝘦𝘳𝘴𝘪𝘷𝘦 𝘦𝘹𝘱𝘦𝘳𝘪𝘦𝘯𝘤𝘦, 𝘨𝘳𝘰𝘶𝘯𝘥𝘦𝘥 𝘪𝘯 25 𝘺𝘦𝘢𝘳𝘴 𝘰𝘧 𝘱𝘳𝘢𝘤𝘵𝘪𝘤𝘢𝘭 𝘦𝘹𝘱𝘦𝘳𝘵𝘪𝘴𝘦, 𝘢𝘯𝘥 𝘳𝘦𝘧𝘪𝘯𝘦𝘥 𝘧𝘰𝘳 𝘰𝘷𝘦𝘳 𝘢 𝘥𝘦𝘤𝘢𝘥𝘦 𝘰𝘧 𝘥𝘦𝘭𝘪𝘷𝘦𝘳𝘺 𝘢𝘵 𝘉𝘭𝘢𝘤𝘬 𝘏𝘢𝘵, 𝘢𝘷𝘰𝘪𝘥𝘪𝘯𝘨 𝘢 𝘭𝘦𝘤𝘵𝘶𝘳𝘦-𝘩𝘦𝘢𝘷𝘺 𝘢𝘱𝘱𝘳𝘰𝘢𝘤𝘩 (70% 𝘰𝘧 𝘵𝘩𝘦 𝘤𝘰𝘶𝘳𝘴𝘦 𝘪𝘴 𝘧𝘰𝘤𝘶𝘴𝘦𝘥 𝘰𝘯 𝘦𝘹𝘦𝘳𝘤𝘪𝘴𝘦𝘴 𝘵𝘰 𝘳𝘦𝘪𝘯𝘧𝘰𝘳𝘤𝘦 𝘭𝘦𝘢𝘳𝘯𝘪𝘯𝘨). 𝘉𝘺 𝘵𝘩𝘦 𝘦𝘯𝘥 𝘰𝘧 𝘵𝘩𝘪𝘴 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨, 𝘺𝘰𝘶 𝘸𝘪𝘭𝘭 𝘸𝘢𝘭𝘬 𝘢𝘸𝘢𝘺 𝘯𝘰𝘵 𝘫𝘶𝘴𝘵 𝘸𝘪𝘵𝘩 𝘬𝘯𝘰𝘸𝘭𝘦𝘥𝘨𝘦, 𝘣𝘶𝘵 𝘵𝘩𝘦 𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘵𝘰 𝘱𝘳𝘢𝘤𝘵𝘪𝘤𝘦 𝘵𝘩𝘳𝘦𝘢𝘵 𝘮𝘰𝘥𝘦𝘭𝘪𝘯𝘨 𝘦𝘧𝘧𝘦𝘤𝘵𝘪𝘷𝘦𝘭𝘺 𝘪𝘯 𝘺𝘰𝘶𝘳 𝘰𝘳𝘨𝘢𝘯𝘪𝘻𝘢𝘵𝘪𝘰𝘯. "
🔗 Full Training Details: https://nsec.io/training/2026-beyond-whiteboard-hacking-master-ai-enhanced-threat-modeling/
👨🏫 About the trainer:
Steven Wierckx (Toreon) is a seasoned software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design. Steven shares his web application security passion by writing about and through training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He’s the OWASP Threat Modeling Project Lead and organises the BruCON student CTF. Last year, he spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON, and provided threat modeling training at OWASP AppSec USA and O’Reilly Security New York.
#NorthSec #cybersecurity #threatmodeling #AIsecurity #LLM #DevOps #securitybydesign
Serverless SaaSless Networking: Building the Future Today
In the realm of serverless SaaSless networking, an architect doesn’t have to work in concrete. Some of us design networks.
Right now, the work I care about most is serverless, SaaSless networking: systems that run without a central point of truth and without a compulsory platform sitting in the middle. In other words, this approach builds the future today by making infrastructure that survives churn, pricing shifts, policy drift, and the sudden disappearance of a dependency everyone assumed would last forever.
Privacy follows from that choice. When the architecture stops funneling everything through a choke point, surveillance becomes harder, leakage becomes less likely, and “quiet repurposing” becomes far less tempting.
Cloud still has a place. However, forced dependence creates fragility.
A product that requires permanent permission from a third party isn’t really a product. Instead, it becomes a subscription to someone else’s stability.
What “serverless” and “SaaSless” mean in this context
Marketing turned “serverless” into a synonym for “someone else runs servers.” That model works for plenty of teams, yet it misses the deeper principle.
In this context, serverless means the network does not rely on a central server as the point of truth. Peers should discover each other, authenticate, exchange data, and recover without routing everything through a single authority.
Likewise, SaaSless means the core capability does not depend on an always-on subscription platform. Basic function should not sit behind tiers. Data should not live inside a proprietary dashboard with no clean exit. When a vendor can throttle, cut off, or reshape capability through closed APIs, control disappears.
That’s where architecture matters. It draws the line between a tool you own and a leash you tolerate.
A better metaphor than “roads versus theme parks” is public roads versus toll roads.
Public roads act as infrastructure. Anyone can use them, routes stay flexible, and no single company gets to decide who is allowed to travel. Toll roads can help too, but the experience changes the moment a gate sits in the middle. Then prices rise, rules shift, and access tightens. As a result, the journey starts depending on the operator’s incentives instead of the traveler’s needs.
That’s what SaaS-by-default networking creates. Movement still happens, but the gatekeeper sets the terms.
Why privacy becomes inevitable once the choke point disappears
Centralization attracts data. Then data attracts risk. Over time, risk becomes a breach email full of regret.
A privacy-first system takes a quieter path. It collects less, retains less, processes closer to the user, and reduces the number of places sensitive material can leak or be copied. Because of that, teams earn trust through engineering, not performance.
People don’t experience their lives as “data.” They experience messages, drafts, searches, locations, relationships, and decisions. So systems should treat those things with the seriousness they deserve.
Web3 identity, without the hype cycle
Web3 marketing created a mess, and the noise turns people off. Still, user-owned identity remains practical.
Most online identity works like a rental. Access can vanish. History can lock up. A policy change can turn an account into a liability overnight.
User-owned identity flips that relationship. A cryptographic anchor under the user’s control changes authentication from permission to proof. Additionally, it supports delegation, roles, and verification in ways auditors can check.
If a network aims to outlive trends, it needs identity built on owned ground, not rented ground.
Localized AI completes the design
Localized AI makes the whole approach feel coherent.
Privacy-first design does not pair well with exporting sensitive prompts to third-party model APIs by default. Instead, running models on-device, on-prem, or inside controlled infrastructure keeps private inputs inside a boundary you can actually defend.
The practical benefits show up fast. You get lower latency, predictable costs, and fewer moving parts. You also reduce exposure to training pipelines you cannot properly audit. Most importantly, the boundary stays intact, and thought stays close to home.
For that reason, localized AI belongs in the architecture, not as a bolt-on feature.
The future worth normalizing
Here’s the normal worth building:
None of this requires utopian thinking. Instead, it requires disciplined engineering.
Call to action
Pick one place in your stack where a platform sits in the middle by default.
Then run three questions against it:
A single “yes” signals progress. Two points to direction. Three makes the future arrive early.
Privacy First. Security Always. Not as branding. As architecture.
If this resonates, share it with someone who builds systems for real users. Also, drop a comment with the one dependency you’d love to remove in 2026, or the one privacy-first change you plan to ship first. I read the replies and I’ll respond.
Key Takeaways
Karakun
podzblitz
Patrick Breyer
SCENOR | The Science Crew
hackmac
secsolution
NorthSec
Mass Axis
Michael N. Kingsnorth