Cloud Security Partners Blog
This Month in Security: April 2025

Keeping up with cybersecurity can sometimes feel like a full-time job, but we have broken down the latest updates and emerging threats for April into bite-sized pieces; full details can be found in
CSP Team Apr 30, 2025
Red Team Reloaded: Hacking AI Applications

Generative Artificial Intelligence is everywhere these days, from customer service chatbots all the way up to autonomous agents writing code on behalf of users. However, as these AI models are given more power and agency, they also become a much larger target for adversarial attacks. How can we ensure that
CSP Team Apr 22, 2025
Breaking Into AppSec: Hack Your Way Into Cybersecurity!

Breaking into Application Security can feel overwhelming at first. However, it's one of the most rewarding and dynamic fields in cybersecurity. You might be a newcomer to the industry, a software engineer or product manager looking to make a career pivot, or an existing AppSec engineer looking
CSP Team Feb 27, 2025
Happy AppSec New Year - 2024 Recap

What a year 2024 was for Application Security! New technologies, new incidents, new attack patterns, and so much more! The landscape of Application Security has undergone significant shifts over the past year. Artificial Intelligence continues to become a larger part of the cybersecurity scene, both on offense and defense. While
CSP Team Feb 4, 2025
Analyzing access to S3 buckets

A robust AWS incident response plan tends to begin with CloudTrail. CloudTrail is a tool that enables insight into events that occur within the AWS account. It is the first step in investigating a breached account and generally provides a wealth of information. In many cases, however, CloudTrail will not
CSP Team Nov 21, 2024
Software Bill of Materials: Understanding What You’re Actually Running

Software is becoming increasingly complicated. To speed up the development of new applications or features, we regularly import libraries for complex or tedious tasks that we would rather not do ourselves: database connectors, web application frameworks, serialization libraries. The list of tools we need to remain highly productive goes on.
CSP Team Oct 8, 2024
Preventing Overreliance: Proper Ways to Use LLMs

LLMs have an uncanny ability to solve problems in a wide variety of domains. Unfortunately, they also have a tendency to fail catastrophically. While an LLM may be able to provide accurate responses 90% of the time, due to nondeterministic behavior, one must be prepared for
CSP Team Aug 8, 2024
Ignore Previous Instruction: The Persistent Challenge of Prompt Injection in Language Models

Prompt injection is an interesting class of emergent vulnerability in LLM systems. It arises because LLMs are unable to differentiate between system prompts, which are created by engineers to configure the LLM’s behavior, and user prompts, which are created by the user to query the LLM. Unfortunately, at the
CSP Team Apr 24, 2024
Introduction to LLM Security

In the dynamic world of AI today, Large Language Models (LLMs) stand out as one of the most interesting and capable technologies. The ability to answer arbitrary prompts has numerous business use cases. As such, they are rapidly being integrated into a variety of different applications. Unfortunately, there are many
CSP Team Mar 6, 2024
The Security Benefits of Infrastructure as Code

We have developed and delivered new ways to deliver infrastructure quickly and without these misconfigurations. Prevention is the only cure; we’ll talk about how you can implement this today.
Mike McCabe Feb 22, 2024
Don't let your containers escape! Update runc & Docker Now!

TL;DR: Update runc and associated software (such as Docker) to the latest version to address several container breakout vulnerabilities. The security research team at Snyk recently disclosed vulnerabilities in runc <= 1.11.11, which can result in container escapes. Container escaping allows for access to the host operating
CSP Team Feb 1, 2024
Upcoming Events at CSP!

We're starting off the year with a few big events we're speaking and training at. Get ready for a deep dive into the latest in cloud computing and cybersecurity with our very own experts, Mike McCabe and John Poulin. Mike McCabe at Cloud Connect - DeveloperWeek
Mike McCabe Jan 29, 2024
OIDC for GitHub Actions

At Cloud Security Partners, we perform a lot of code reviews and Cloud Security Assessments. During these engagements, we see many different CI/CD patterns that cause us to raise our eyebrows. One situation in particular that we encounter relatively often is the unsafe use of AWS credentials. The CIS
CSP Team Jan 25, 2024
Our Support For Cloudsplaining

We’re proud to announce that Cloud Security Partners will be forking and maintaining Cloudsplaining, the popular cloud IAM tool. Open source and giving back to the community are very important to us and something we try to do often via contributions and free training! The cloud security community has
Mike McCabe Jan 16, 2024
