Lee Holmes 

@[email protected]
2.7K Followers
337 Following
2.3K Posts
Partner Security Architect, Azure Security. PowerShell developer, fanatical hobbyist, and author of the PowerShell Cookbook.
Bloghttps://www.leeholmes.com
Lee Holmes 2d ago

RE: https://mastodon.social/@campuscodi/116731487556591373

Interesting to see this just happening now. When we created the PowerShell Gallery 13 years ago, making modules safe to download was one of my top priorities. Creating a safe gallery for code sharing is of course a rich and complicated topic, but the benefit this improvement is self-evident.

Lee Holmes 5d ago
Wrote an app this weekend to announce my incoming notifications (texts etc.) in either vibrated or audio morse code. It literally took me longer to figure how to connect my phone to the PC to transfer the app into it than it did to write the damn thing :)
Lee Holmes Jun 5
It's alive! If you're a Blue Teamer trying to write secure services or secure an organization that does, Threat Driven Software Development is the book you've been looking for. This was a deep collaboration between Michael Howard, Sherrod DeGrippo, Shawn Hernan and I - I'm so excited to be able to get this expertise into the world. https://www.amazon.com/dp/0135567386
Threat-Driven Software Development: Defending online services from modern threat actors: Howard, Michael, Holmes, Lee, DeGrippo, Sherrod, Hernan, Shawn: 9780135567388: Amazon.com: Books

Threat-Driven Software Development: Defending online services from modern threat actors [Howard, Michael, Holmes, Lee, DeGrippo, Sherrod, Hernan, Shawn] on Amazon.com. *FREE* shipping on qualifying offers. Threat-Driven Software Development: Defending online services from modern threat actors

Lee Holmes Jun 2
Added multi-part conversions to the Pyco retro calculator a while back - super handy :)
Lee Holmes May 15
Lorenzo Franceschi-BicchieraiMay 15

This is a serious question.

Is there anyone keeping track of infosec-related songs and music? I mean music where the lyrics are specifically about hacking and hackers. Could be music made by people in the community, like this song, but also outside of the community.

(Apologies for the X link)

https://x.com/uwu_underground/status/2055066612936384851

UwU Underground (@uwu_underground) on X

Now Playing: UwU Underground Fancy Bear (2026) Official Music Video APT TALES VOL 4 -03:50 ————◦———— -6:29 ᴠᴏʟᴜᴍᴇ : ▮▮▮▮▮▮▮▮▮

X (formerly Twitter)
Lee Holmes May 14
The rise in capability in AI models over the past year and a half for vulnerability research is incredible - and it's not just Mythos. Check out CyberGym's graph of progression against 1500+ real-world CVEs: https://www.cybergym.io/
Lee Holmes May 14

Read the MDASH report (https://www.microsoft.com/en-us/security/blog/2026/05/12/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-tops-leading-industry-benchmark/) but want something deeper?

Check out this really great deep dive into many of the concepts. Who knows if any of this will ever end up in a product or anything, but it damn sure is helping security: https://www.youtube.com/watch?v=TWIyZo1b6a8

Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog

Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH).

Microsoft Security Blog
Lee Holmes May 13

MTG fan? How about this version that works with regular playing cards!

https://www.leeholmes.com/projects/arcane-duel/

Arcane Duel - Playing Card Magic

Lee Holmes May 13
Amazing post from Taesoo Kim about Microsoft's MDASH project highlighting the most important lesson to learn about AI-assisted vulnerability research. It's not the model, it's the infrastructure around it: https://www.microsoft.com/en-us/security/blog/2026/05/12/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-tops-leading-industry-benchmark/?v=1
Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark | Microsoft Security Blog

Today Microsoft is announcing a major step forward in AI-powered cyber defense: a new multi-model agentic scanning harness (codenamed MDASH).

Microsoft Security Blog
Lee Holmes May 12

Messing around with an MTG-inspired game that uses regular playing cards, and wow - meta tuning can be a rabbit hole!

But being able to run thousands of simulations of different rule tweaks to check for fairness, risk of boredom, avalanche effects - it's like a super power.