I'm back: here's what happened
Six years ago, I stopped blogging to reorganize my life in Switzerland.
Now I'm back to blogging.
I came to Switzerland to work with security research and blockchain consultancy. Then the department got reorganized, and I found myself working as a blockchain and Java developer. I had to write an IAM from scratch. Later, I worked with DLP and SSO using Keycloak. Lastly, I was working with IAM and WAFs for banks. All in different departments within the same company.
The challenge is that selling B2B products, in general, is quite slow. The solution I chose was to start doing consultancy work on threat modeling and focus on finding companies looking to start or scale their threat modeling programs. This startup is my toughest challenge so far, but incredibly exciting.
With so much text around, I've realized how much I enjoy writing. Now that I have more time for it, I'm reigniting the blog with a monthly post.
On my next post I will detail how I built checklist.devops.security, a security checklist generator using GPT-4. Some interesting points I will cover:
- how I handled prompt injection attacks for this app
- is GPT-4 good enough for generating security checklists?
- the role of appsec in generative apps
Let's see how it goes ;)