As of today, @opengrep secures every pull request monitored by Keymaster, our CI/CD security pipeline.
Reach out to me if you want to know more about how we did it and how we provided a smooth #DevEx security solution to our engineers with open source tools.
#cybersecurity #appsec
@IceSolst And that's why you do it with open source tools.
If you already have to spend time integrating something, it had better be something you can have full control over and that does not cost a kidney from each developer you have.
@HackingDave If only I had the possibility to run a Sonnet 4.6 or 4.5 locally on my machine, that's all I would need for the rest of my life. Let's hope that day comes soon enough
@IceSolst I know that lately their security posture has not been great but I still trust them. What about starting from something like https://t.co/SJ1a9f04fO instead of starting from scratch?
@IceSolst Even if they were leaked, it wouldn't matter at that point.
Environment variables used in production should be synced from a secure vault (e.g. HCV) at runtime, so they cannot be leaked and accessed by an LLM (unless the LLM is the prod app itself and has disk/shell access).
@IceSolst Imho secrets on developers' machines should be tied only to development environments, so the risk is low because they would not affect anything production-related. The code pushed to master and used for production deployment would be gated in CI/CD.
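The two replies above describe one pattern: production secrets are pulled from a vault at process start and live only in memory, while developer credentials are scoped so they cannot reach production. The following is an added illustration of that pattern, not code from the thread or from any product mentioned in it. `FakeVault` is a constructed in-memory stand-in for a vault server such as HashiCorp Vault (HCV); its `read(token, env, key)` interface, the `load_secrets` function and the sample values are assumptions made for this example.

```python
"""Runtime secret loading with per-environment scoping (added illustration)."""
from dataclasses import dataclass
from typing import Dict, Iterable, Optional


@dataclass
class FakeVault:
    """Constructed stand-in for a vault: secrets per environment, tokens per scope."""
    store: Dict[str, Dict[str, str]]   # environment -> {key: value}
    token_scopes: Dict[str, str]       # token -> the one environment it may read

    def read(self, token: str, env: str, key: str) -> str:
        scope = self.token_scopes.get(token)
        if scope != env:
            # A leaked developer token cannot be used to pull production secrets.
            raise PermissionError(f"token scoped to {scope!r} cannot read {env!r}")
        return self.store[env][key]        # KeyError if the secret does not exist


def parse_dotenv(text: str) -> Dict[str, str]:
    """Parse KEY=value lines; blank lines and '#' comments are ignored, quotes stripped."""
    result: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        result[key.strip()] = value.strip().strip("\"'")
    return result


def load_secrets(env: str, token: str, keys: Iterable[str], vault: FakeVault,
                 dotenv_text: Optional[str] = None) -> Dict[str, str]:
    """Resolve a process's secrets at startup and keep them in memory only.

    production:  every key must come from the vault; .env material is refused
                 outright, so no production secret needs to exist on disk.
    development: vault first, with a .env fallback for dev-scoped values only.
    """
    if env == "production" and dotenv_text is not None:
        raise ValueError("production must not load secrets from a .env file")
    fallback = parse_dotenv(dotenv_text) if dotenv_text else {}
    secrets: Dict[str, str] = {}
    for key in keys:
        try:
            secrets[key] = vault.read(token, env, key)
        except KeyError:
            if env == "production" or key not in fallback:
                raise
            secrets[key] = fallback[key]
    return secrets


# Constructed sample data for the example (no real credentials).
VAULT = FakeVault(
    store={
        "production": {"DB_PASSWORD": "prod-db-password-constructed"},
        "development": {"DB_PASSWORD": "dev-db-password-constructed"},
    },
    token_scopes={"tok-dev": "development", "tok-prod": "production"},
)
DEV_DOTENV = "# constructed sample .env on a laptop\nAPI_KEY='dev-api-key-constructed'\n"


def dev_token_cannot_read_production() -> bool:
    """True when a development-scoped token is refused production secrets."""
    try:
        load_secrets("production", "tok-dev", ["DB_PASSWORD"], VAULT)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    prod = load_secrets("production", "tok-prod", ["DB_PASSWORD"], VAULT)
    dev = load_secrets("development", "tok-dev", ["DB_PASSWORD", "API_KEY"], VAULT, DEV_DOTENV)
    print("production keys in memory:", sorted(prod))
    print("development keys in memory:", sorted(dev))
    print("dev token blocked from production:", dev_token_cannot_read_production())
```

The two checks that carry the security argument are the scope test inside `FakeVault.read` (a developer token simply cannot read the production path) and the refusal in `load_secrets` to accept any `.env` text in production, which is what keeps production secrets off the host's disk.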
@AlfonsoFuggetta As far as our sector is concerned, and in particular mine, Application Security, the Anthropic models have no rivals. Unfortunately I have not yet found open source models that give the same consistency and reliability of results.
We built a multi-agent AI system that produces production-ready Nuclei detection templates overnight. Here's how it actually works.
Multiple specialized agents, three model providers, and an actor-critic refinement loop that iterates on templates until they pass validation.
Each agent uses the right model for the job. Research, code generation, asset correlation in Praetorian Guard, and exploitation analysis — all orchestrated through a structured pipeline.
Read the full architecture breakdown 👇
https://t.co/mXGmHm2qC8
@0xTib3rius @IceSolst Openclaw is just the tip of the iceberg, because it is open source and obviously visible to everyone. The real question nowadays is how many companies with closed source products are following the same trajectory, all in the name of delivery speed.
@0xTib3rius @AcrossPondPod If you need someone telling a story on how to move from fullstack development to application security, feel free to ping me :) it's also a war story
We need a new social contract: I trust you, but your AI agent is a snitch.
We’re chatting on Signal, enjoying encryption, right? But your DIY productivity agent is piping the whole thing back to Anthropic.
Friend, you’ve just created a permanent subpoena-able record of my private thoughts held by a corporation that owes me zero privacy protections.
Even when folks use open-source agents like @openclaw in decentralized setups, the default/easy configuration is to plug in an API, resulting in data getting backhauled to Anthropic, OpenAI, etc.
And so those providers get all the good stuff: intimate confessions, legal strategies, work gripes. Worse? Even if you’ve made peace with this, your friends absolutely haven’t consented to their secrets being piped to a datacenter. Do they even know?
Governments are spending a lot of time trying to kill end-to-end encryption, but if we’re not careful, we’ll do the job for them.
The problem is big & growing:
Threat 1: proprietary AI agents. Helpers inside apps or system-wide stuff. Think: desktop productivity tools by a big company. Hello, Copilot. These companies already have tons of incentive to soak up your private stuff & are very unlikely to respect developer intent & privacy without big fights (those fights need to keep happening).
Threat 2: DIY agents that are privacy leaky as hell, not through evil intent or misaligned ethics, but just because folks are excited and moving quickly. Or carelessly. And are using someone’s API.
I sincerely hope that the DIY/open-source ecosystem that is spinning up around AI agents has some privacy heroes in it. Because it should be possible to do some building & standards work that uses permission and privacy as the first principle.
Maybe we can show what’s possible for respecting privacy so that we can demand it from big companies?
Respecting your friends means respecting when they use encrypted messaging. It means keeping privacy-leaking agents out of private spaces without all-party consent.
Ideas to mull (there are probably better ones, but I want to be constructive):
Human-only mode / X-No-Agents flags
How about converging on some standards & app signals that AI agents must respect, absolutely. Like signals that an app/chat can emit & be opted out of exposure to an AI agent.
Agent Exclusion Zones
For example, starting with the premise that the correct way to respect developer (& user) intent with end-to-end encrypted apps is that they not be included, perhaps with the exception [risky tho!] of whitelisting specific chats etc. This is important right now since so many folks are getting excited about connecting their agents to encrypted messengers as a control channel, which is going to mean lots more integrations soon.
#NoSecretAgents
Something like a developer pledge that agents will declare themselves in chat and not share data to a backend without all-party consent.
None of these ideas are remotely perfect, but unless we start experimenting with them now, we're not building our best future.
Next challenge? Local Only / Private Processing: local-first as a default.
Unless we move very quickly towards a world where the processing that agents do is truly private (e.g. not accessible to a third party) and/or local by default, even if agents are not shipping signal chats, they are creating an unbelievably detailed view into your personal world, held by others. And fundamentally breaking your own mental model of what on your device is & isn't under your control / private.
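The thread above proposes three mechanisms: an app-emitted "no agents" signal, exclusion of end-to-end encrypted chats unless every participant opts in, and agents that declare themselves and do not ship data to a backend without all-party consent, with local processing as the default. The following is an added illustration of how those rules compose into one gate, not code from the thread or from any agent project it mentions. The `no_agents` field stands in for the hypothetical X-No-Agents flag; the `Conversation`/`Message` records, the `AgentGate` class and the routing outcomes `drop`/`local`/`remote` are assumptions made for this example.

```python
"""Consent gate for an AI agent attached to chats (added illustration)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple


@dataclass(frozen=True)
class Conversation:
    conv_id: str
    participants: FrozenSet[str]
    end_to_end_encrypted: bool = False
    no_agents: bool = False                        # app-emitted "human only" signal (hypothetical flag)
    agent_consent: FrozenSet[str] = frozenset()    # participants who explicitly opted in to an agent


@dataclass(frozen=True)
class Message:
    conv_id: str
    sender: str
    text: str


class AgentGate:
    """Routes each message to 'drop', 'local' (on-device model) or 'remote' (third-party API)."""

    def __init__(self, conversations: Dict[str, Conversation], agent_name: str,
                 remote_allowed: bool = False) -> None:
        self.conversations = conversations
        self.agent_name = agent_name
        self.remote_allowed = remote_allowed       # local-first: remote is off unless enabled
        self.announced: set = set()                # chats where the agent has declared itself

    @staticmethod
    def all_parties_consented(conv: Conversation) -> bool:
        return conv.participants <= conv.agent_consent

    def may_observe(self, conv: Conversation) -> bool:
        if conv.no_agents:
            return False                           # human-only signal wins unconditionally
        if conv.end_to_end_encrypted:
            # Encrypted chats are excluded by default; only all-party opt-in overrides that.
            return self.all_parties_consented(conv)
        return True

    def may_send_remote(self, conv: Conversation) -> bool:
        # Shipping a chat to a third-party API needs everyone's consent, even in plain chats.
        return self.remote_allowed and self.may_observe(conv) and self.all_parties_consented(conv)

    def route(self, msg: Message) -> Tuple[str, Optional[str]]:
        """Return (decision, announcement); the announcement is non-None the first
        time the agent is admitted to a chat, so it can declare itself there."""
        conv = self.conversations.get(msg.conv_id)
        if conv is None or not self.may_observe(conv):
            return "drop", None
        decision = "remote" if self.may_send_remote(conv) else "local"
        announcement = None
        if conv.conv_id not in self.announced:
            self.announced.add(conv.conv_id)
            where = "a remote model provider" if decision == "remote" else "this device only"
            announcement = f"{self.agent_name} is present in this chat; messages are processed on {where}."
        return decision, announcement


# Constructed sample conversations for the example.
CONVERSATIONS = {
    "signal-friends": Conversation("signal-friends", frozenset({"alice", "bob"}),
                                   end_to_end_encrypted=True, agent_consent=frozenset({"alice"})),
    "signal-consented": Conversation("signal-consented", frozenset({"alice", "bob"}),
                                     end_to_end_encrypted=True, agent_consent=frozenset({"alice", "bob"})),
    "work-humans-only": Conversation("work-humans-only", frozenset({"alice", "carol"}), no_agents=True),
    "notes-to-self": Conversation("notes-to-self", frozenset({"alice"}), agent_consent=frozenset({"alice"})),
}


if __name__ == "__main__":
    gate = AgentGate(CONVERSATIONS, "helper-bot")
    for conv_id in CONVERSATIONS:
        print(conv_id, "->", gate.route(Message(conv_id, "alice", "hi")))
```

With the default `remote_allowed=False` the gate never produces `remote`, which is the local-first default the thread asks for; enabling it still only reaches `remote` for chats where every participant has opted in, and a chat with the no-agents signal is dropped before any of that is evaluated.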
Excited to disclose my research allowing RCE in Kubernetes
It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and allows for trivial Pod breakout.
Unfortunately, this will NOT be patched.