The trinity of ‘developer experience + security standards + operational efficiency’ is greater than the sum of its parts. We call it ‘ergonomic cybersecurity’.
Is Post-Quantum Cryptography #PQC being used by your apps when calling other APIs?
New feature in the works that'll let you capture your progress with updating the crypto libs
#DiscrimiNAT is an #egress filter for your cloud with monitoring, analytics, dry-run & enforcement
Another fantastic review of our DiscrimiNAT Firewall. If you need a developer-friendly #egress filtering solution for AWS or GCP, book a demo here: https://chasersystems.com/
Link to review: https://www.g2.com/products/discriminat-firewall/reviews/discriminat-firewall-review-12435869
I was mighty upset with Google on 12 Feb. We had discovered that the issue affecting egress filtering for a DiscrimiNAT customer on GCP was in fact Post-Quantum Cryptography TLS handshakes. It was a combination of the most up-to-date OpenSSL version in a container image and server-side #PQC enablement.
Now that the literature has come out on Quantum apocalypse timelines [1,2], I am no longer thinking all that hard work was in vain. The hard work was that a PQC handshake takes TLS ClientHello messages over the network/VPC MTU (usually 1460 or 1500 bytes). This meant that multiple packets, on some occasions, had to be aggregated for proper validation and sanitisation.
This broke the whole per-packet processing model of our egress firewall. Anyway, we got that done over two weeks with clever logic (thanks to some #Rust guarantees) and the immense patience and help from Rui Duarte and Gui Neto who tested this in a live environment. These are the people the UK needs to spur the industry at events such as the upcoming UK Cyber Flywheel by Harmonic. I'll be there.
[1] https://research.google/blog/safeguarding-cryptocurrency-by-disclosing-quantum-vulnerabilities-responsibly/
[2] https://arxiv.org/abs/2603.28627
v2.30 of DiscrimiNAT Firewall for egress filtering is now Generally Available.
Key improvements include support for Post-Quantum Cryptography #PQC TLS handshake.
AWS release notes: https://chasersystems.com/docs/discriminat/aws/release-notes/
GCP release notes: https://chasersystems.com/docs/discriminat/gcp/release-notes/
Sponsoring the local #Rust meetup in #Cambridge is way we bring the community together a few times a year. Follow the event page at https://www.meetup.com/cambridge-rust-meetup/ and https://mastodon.social/@cambridgerust here.
Rust has played a critical role in the cloud security solutions we ship in terms of speed, stability & safety.
RE: https://mastodon.social/@cambridgerust/115508039430611330
Learn about CoverDrop's use of #Rust in #Cambridge on 12th Nov by Daniel Hugenroth. Pizzas on us!
What data do coding agents send, and where to?
Our report seeks to answer some of our questions for seven of the most popular agentic code editors and plugins. By intercepting and analysing their network flows across a set of standardised tasks, we aim to gain insight into the behaviour, privacy implications, and telemetry patterns of these tools in real-world scenarios. Incidentally, a side-effect was running into OWASP LLM07:2025 System Prompt Leakage for three of the chosen coding agents. You can see the system prompts in the appendix.
https://chasersystems.com/blog/what-data-do-coding-agents-send-and-where-to/
Looking at us-east-1 this morning like... 👀
We're giving away 1,000 of our "It's always DNS" stickers and sticky-notes to decorate your laptops and monitors! Just fill in the linked form below and we'll get it mailed directly to you, wherever you are in the world. You can even grab some for the rest of your team!
Azure default outbound access connectivity change postponed from 30 Sep '25 to 31 Mar '26.
Dhruv AHUJA