ELI5 - This is GRC

08 Nov 2023 ELI5 Hacking DevSecOps

What you need to know before you start your bug bounty program

Tips and tricks on what to expect from a bug bounty program in your organization: how will the program help your security posture, and how to take care of your response team who is going to be on the front lines.

19 Jul 2023 ELI5 GRC

What is ISO27001 Certification?

Explaining what makes the ISO27001 standard relevant for information security professionals today. I tell the story of how I took part in an ISO27001 certification process. I share my expert opinion on how this framework can help an organization manage security in a cost-effective way.

12 Jul 2023 Hacking ELI5

How do ChatGPT and other LLMs get hacked?

Ever wondered if ChatGPT can be taken over? This post explains - like you're five - the hacks of ChatGPT and other LLMs. The silver lining? We do have the necessary tools to address AI hacking. It's now a question of whether the security community will act fast enough.

21 Jun 2023 Breaches Hacking ELI5

Who is behind ransomware attacks?

Looking at cybercriminals' motivations, recruiting tactics, and targets. How did ransomware come to operate like a software business? Plus a deep dive into who joins ransomware criminal gangs. Learn why teenage boys are often recruited.

07 Jun 2023 ELI5 DevOps DevSecOps Hacking

How do Supply-Chain Attacks Work? Examples from Software Development

Did you know software is made up of hundreds of tiny pieces of software called libraries? Attackers sure do. Nowadays, they prey on developers' cognitive loads to infiltrate our most trusted applications. Let's unpack the new phenomenon of supply chain attacks.