Dhruv AHUJA


Making network egress filtering effective, reliable and usable.

Founder & Chief Engineer at @ChaserSystems

Blog: https://www.new23d.com/

I have to say Eldon Sprickerhoff's Committed has filled some critical gaps I didn't know I had. The book is also non-repetitive, has short-length chapters and is to-the-point.

https://www.goodreads.com/book/show/216283126-committed

We dug deeper into data & telemetry sent #outbound by #Cursor, #Claude, #Copilot and 4 other agent editors, so you can make an informed choice. With the IOCs revealed, you can also monitor for shadow IT usage of these in your corporate/cloud networks.

https://chasersystems.com/blog/what-data-do-coding-agents-send-and-where-to/

It's always DNS.

Or us-east-1.

I would've reversed the order of recommendations by Wiz on their RediShell CVE-2025-49844 blog post. Network controls are easier & quicker to apply, and involve no downtime, compared to changing server & client side configs. Even allowing all known IP ranges of your apps' service providers is safer than leaving it open to the entire internet. Not saying don't patch systems - but take your time to get there. Attack from a tenant on the same provider is a slim chance. Some users will never get to patching Redis or changing server/client configs ever because the team who put that in has moved on!

I was affected by first the British Library hack, then M&S, Berlin airport, and am now braced for the Asahi shortage. Pretty sure all of them, including JLR, had a `bag of tools` like the most popular EDRs in their peer groups, visibility tools such as CSPMs (CNAPPs now?), and maybe one or two preventive tools too.

But effective cybersecurity isn't a budget, a SOC, logs and products.

Effective cybersecurity is architecture. Without a cohesive plan on how the tools fit together and how architectural choices prevent breaches (rather than just increase visibility), we'll continue to see more of this.

For example, EDR across IT will not prevent lateral movement to OT; network segregation will.

TLS inspection for egress traffic is getting harder and is perhaps already at a point where security teams are finding more traffic needing to be excepted than not.

Woke up today to see an email from a prospect who had chosen another solution over DiscrimiNAT because ours didn't decrypt. Well, they are back because of needing Mutual TLS (TLS Client authn) and Certificate Pinned apps in their cloud.

Every #cloud has a silver lining. Today's London #tubestrike 🚃 has opened up #bbcproms tickets 🎼

Sorry, this post wasn't about AWS, GCP, Azure, etc. 😆

Stock photo does suggest writing a multicloud conductor may not be a bad idea!

#brahms

Excited to share my recent appearance on the "Modern Cyber with Jeremy Snyder" podcast, recorded live from @fwdcloudsec 2025 in Denver! We dove deep into the evolving world of cybersecurity, from my roots in financial services to innovative cloud security hacks, and the real-world impact of the shift to IPv6.

We covered:
🚀 High-speed finance systems vs. the realities of modern cloud
🔐 Using Let's Encrypt + AWS IAM Roles Anywhere to eliminate static credentials
🛜 Why IPv6 adoption is finally gathering pace (and the surprises it brings)
🤔 How IP addresses have lost meaning in multi-tenant cloud environments
🏎️ Building a domain-based egress firewall at Chaser Systems to make security faster for developers, not slower

If you're in cloud security, networking, or just love geeking out on PKI and IPv6, this one's worth your time. Link: https://rss.com/podcasts/modern-cyber-with-jeremy-snyder/2178238/

#CloudSecurity #AWS #LetsEncrypt #IPv6 #DevSecOps

Just received @adamshostack's Threats: What Every Engineer Should Learn From Star Wars in the post. This should make the STRIDE threat modelling session we have next week more fun with R2D2 and C3PO!

Gotta cover all known bases when building a SaaS in cybersecurity!