Posts

How to Become an Ethical Hacker: Skills, Certifications, & Advice

How to Become an Ethical Hacker: Skills, Certifications, & Advice

Cybersecurity experts Jeff Crume and Patrick Fussell outline the essential skills, mindset, certifications, and career paths for aspiring ethical hackers, offering practical advice for breaking into the field of penetration testing and red teaming.

Learning Python Programming • Fabrizio Romano & Naomi Ceder • GOTO 2025

Learning Python Programming • Fabrizio Romano & Naomi Ceder • GOTO 2025

Author Fabrizio Romano discusses his decade-long journey writing "Learning Python Programming," detailing the book's evolution from GUI-focused content to command-line applications. He explores the controversial but ultimately beneficial introduction of typing in Python, the role of AI as a powerful tool for developers, and the critical importance of nurturing junior talent rather than replacing them with AI, emphasizing the enduring need for fundamental programming skills and human expertise.

The Missing Piece in the AI for BI Puzzle

The Missing Piece in the AI for BI Puzzle

Yoni Leitersdorf, CEO of Solid, explains that directly applying Large Language Models (LLMs) to databases for text-to-SQL fails due to a lack of business context. He introduces the concept of a semantic layer as a critical "Rosetta Stone" that translates raw data into a meaningful format AI can understand, enabling reliable and accurate data interaction.

No Priors Ep. 134 | With Palo Alto Networks CEO Nikesh Arora

No Priors Ep. 134 | With Palo Alto Networks CEO Nikesh Arora

Nikesh Arora, CEO of Palo Alto Networks, discusses the transformative impact of AI on search, enterprise business models, and cybersecurity. He explores the shift from search to agentic AI, the challenges and opportunities for enterprise adoption, and how AI is fundamentally compressing cyberattack timelines while enabling new, data-centric defense strategies.

Detecting Compromise of Passkey Storage on the Cloud

Detecting Compromise of Passkey Storage on the Cloud

Mazharul Islam from the University of Wisconsin—Madison introduces CASPER, a novel deception-based framework designed to detect the misuse of passkeys stolen from cloud storage providers. CASPER uses a system of decoy secrets and passkeys to enable relying parties (websites) to identify and flag unauthorized login attempts, effectively balancing security, usability, and deployability without disrupting the user experience.

Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking

Encrypted Access Logging for Online Accounts: Device Attributions without Device Tracking

Client-Side Encrypted Access Logging (CSAL) is a proposed protocol that uses OS-level cryptography and FIDO2-style attestations to create trustworthy, privacy-preserving account activity logs, resolving the tension between preventing user tracking and accurately detecting account compromise.