Christian Folini
@christian-folini.ch
Web application security guy with a passion for OWASP's open source WAF projects and National Cyber Strategy.
Maintains "Swiss Cyber Security" starter pack and cherishes his small collection of medieval helmets.
Maintains "Swiss Cyber Security" starter pack and cherishes his small collection of medieval helmets.
Guess who's going to the circus tonight.
August 3, 2025 at 2:31 PM
Guess who's going to the circus tonight.
Another hour and we're ready. Deer shank on a spit.
June 29, 2025 at 8:36 AM
Another hour and we're ready. Deer shank on a spit.
OWASP awarded me with a distinguished lifetime member award last week.
I am deeply thankful for this recognition and the support by the OWASP CRS team that made this possible.
I am deeply thankful for this recognition and the support by the OWASP CRS team that made this possible.
June 2, 2025 at 3:40 PM
OWASP awarded me with a distinguished lifetime member award last week.
I am deeply thankful for this recognition and the support by the OWASP CRS team that made this possible.
I am deeply thankful for this recognition and the support by the OWASP CRS team that made this possible.
Got my new sticker in the mail today. Here we go!
April 1, 2025 at 9:01 PM
Got my new sticker in the mail today. Here we go!
March 13, 2025 at 8:07 AM
After years of searching I finally found it.
February 18, 2025 at 7:03 PM
After years of searching I finally found it.
February 8, 2025 at 6:53 AM
Only saying.
Die super apps funktionieren in China. Es ist nicht auszuschliessen dass sie hier auch funktionieren. Vorzeitig abschreiben würde ich es deshalb nicht. Aber riskant ist es allemal.
Die super apps funktionieren in China. Es ist nicht auszuschliessen dass sie hier auch funktionieren. Vorzeitig abschreiben würde ich es deshalb nicht. Aber riskant ist es allemal.
February 1, 2025 at 8:09 AM
Only saying.
Die super apps funktionieren in China. Es ist nicht auszuschliessen dass sie hier auch funktionieren. Vorzeitig abschreiben würde ich es deshalb nicht. Aber riskant ist es allemal.
Die super apps funktionieren in China. Es ist nicht auszuschliessen dass sie hier auch funktionieren. Vorzeitig abschreiben würde ich es deshalb nicht. Aber riskant ist es allemal.
This is me at my desk for my new mini-job: part-time librarian in the local community library.
We have 5000 books in our collection, a team of 4, we're open 3 times a week and on appointment for the local schools and nurseries.
bibliothek.kiesen.ch
(No, I have no plans to revamp the website.)
We have 5000 books in our collection, a team of 4, we're open 3 times a week and on appointment for the local schools and nurseries.
bibliothek.kiesen.ch
(No, I have no plans to revamp the website.)
January 31, 2025 at 10:28 AM
This is me at my desk for my new mini-job: part-time librarian in the local community library.
We have 5000 books in our collection, a team of 4, we're open 3 times a week and on appointment for the local schools and nurseries.
bibliothek.kiesen.ch
(No, I have no plans to revamp the website.)
We have 5000 books in our collection, a team of 4, we're open 3 times a week and on appointment for the local schools and nurseries.
bibliothek.kiesen.ch
(No, I have no plans to revamp the website.)
One of these days when Switzerland is almost unreal.
January 26, 2025 at 1:39 PM
One of these days when Switzerland is almost unreal.
theyseeyourphotos.com is a an awareness service that takes a photo you _want to share_ and runs it through Google's AI to teach you what a photo can reveal about you.
I tried it out with one of me. The bias is flattering for me, but I still find it creepy.
I tried it out with one of me. The bias is flattering for me, but I still find it creepy.
December 16, 2024 at 2:55 PM
theyseeyourphotos.com is a an awareness service that takes a photo you _want to share_ and runs it through Google's AI to teach you what a photo can reveal about you.
I tried it out with one of me. The bias is flattering for me, but I still find it creepy.
I tried it out with one of me. The bias is flattering for me, but I still find it creepy.
So there is a movie might at Folinis.
What might be the film?
Not too difficult to guess...
What might be the film?
Not too difficult to guess...
December 13, 2024 at 6:39 PM
So there is a movie might at Folinis.
What might be the film?
Not too difficult to guess...
What might be the film?
Not too difficult to guess...
Notorious Swiss "Homeland Security Company" #Xplain is looking for a new CEO.
Despite the leakage, the scandal and the bad press, security is a non-issue in the ad. Security is not part of the tasks of the CEO and no security experience whatsoever is needed. 🤦
www.linkedin.com/jobs/view/40...
Despite the leakage, the scandal and the bad press, security is a non-issue in the ad. Security is not part of the tasks of the CEO and no security experience whatsoever is needed. 🤦
www.linkedin.com/jobs/view/40...
December 4, 2024 at 12:43 PM
Notorious Swiss "Homeland Security Company" #Xplain is looking for a new CEO.
Despite the leakage, the scandal and the bad press, security is a non-issue in the ad. Security is not part of the tasks of the CEO and no security experience whatsoever is needed. 🤦
www.linkedin.com/jobs/view/40...
Despite the leakage, the scandal and the bad press, security is a non-issue in the ad. Security is not part of the tasks of the CEO and no security experience whatsoever is needed. 🤦
www.linkedin.com/jobs/view/40...
The pleasures on a slow Sunday: blueskyroast.com
What beats me about these sentiment analysis AI prompts: They take surprisingly little input, come up with a baseline and then the hallucinate the rest.
What beats me about these sentiment analysis AI prompts: They take surprisingly little input, come up with a baseline and then the hallucinate the rest.
December 1, 2024 at 9:39 AM
The pleasures on a slow Sunday: blueskyroast.com
What beats me about these sentiment analysis AI prompts: They take surprisingly little input, come up with a baseline and then the hallucinate the rest.
What beats me about these sentiment analysis AI prompts: They take surprisingly little input, come up with a baseline and then the hallucinate the rest.
This is what happens when that random person in Nebraska gives up maintaining that crucial piece of a supply chain after years of going without any support from commercial integrators.
December 1, 2024 at 12:47 AM
This is what happens when that random person in Nebraska gives up maintaining that crucial piece of a supply chain after years of going without any support from commercial integrators.
This is how I do the diff, loop over the delta and how I then send me a summary via email.
December 1, 2024 at 12:20 AM
This is how I do the diff, loop over the delta and how I then send me a summary via email.
I came across a photo of this manual dating back to 1977.
The PDP-11 compatible VAX-11 was the hot stuff at the time.
Intriguing to see a female expert explaining it to a suit.
This advertising approach ceased entirely when computers began to be exclusively marketed to men in the 1980s.
The PDP-11 compatible VAX-11 was the hot stuff at the time.
Intriguing to see a female expert explaining it to a suit.
This advertising approach ceased entirely when computers began to be exclusively marketed to men in the 1980s.
November 28, 2024 at 9:45 AM
I came across a photo of this manual dating back to 1977.
The PDP-11 compatible VAX-11 was the hot stuff at the time.
Intriguing to see a female expert explaining it to a suit.
This advertising approach ceased entirely when computers began to be exclusively marketed to men in the 1980s.
The PDP-11 compatible VAX-11 was the hot stuff at the time.
Intriguing to see a female expert explaining it to a suit.
This advertising approach ceased entirely when computers began to be exclusively marketed to men in the 1980s.
I'm discussing the idea behind the "Chaos Fortress" plugin for @owasp.org CRS (coreruleset.org) with more people.
I started this for fun, but now I think it might actually work in prod.
The basic idea is in the graph below.
What do you think? Brilliant or idiotic?
If idiotic, please tell me why!
I started this for fun, but now I think it might actually work in prod.
The basic idea is in the graph below.
What do you think? Brilliant or idiotic?
If idiotic, please tell me why!
November 26, 2024 at 9:00 AM
I'm discussing the idea behind the "Chaos Fortress" plugin for @owasp.org CRS (coreruleset.org) with more people.
I started this for fun, but now I think it might actually work in prod.
The basic idea is in the graph below.
What do you think? Brilliant or idiotic?
If idiotic, please tell me why!
I started this for fun, but now I think it might actually work in prod.
The basic idea is in the graph below.
What do you think? Brilliant or idiotic?
If idiotic, please tell me why!
I always saw teaching at the famous German #Linuxhotel as peak teaching experience.
At last, I'm here, having a great time with six students eager to learn about #ModSecurity / OWASP CRS with the November rain being the only downside.
Here is a photo from a better season.
At last, I'm here, having a great time with six students eager to learn about #ModSecurity / OWASP CRS with the November rain being the only downside.
Here is a photo from a better season.
November 19, 2024 at 7:07 PM
I always saw teaching at the famous German #Linuxhotel as peak teaching experience.
At last, I'm here, having a great time with six students eager to learn about #ModSecurity / OWASP CRS with the November rain being the only downside.
Here is a photo from a better season.
At last, I'm here, having a great time with six students eager to learn about #ModSecurity / OWASP CRS with the November rain being the only downside.
Here is a photo from a better season.
Very happy with the release of "Chaos Fortress", an OWASP CRS plugin that attempts to break the feedback loop for attackers, effectively making adversarial machine learning way harder.
First, I did this for fun. But now I think it might actually work.
github.com/dune73/chaos...
First, I did this for fun. But now I think it might actually work.
github.com/dune73/chaos...
November 18, 2024 at 4:29 PM
Very happy with the release of "Chaos Fortress", an OWASP CRS plugin that attempts to break the feedback loop for attackers, effectively making adversarial machine learning way harder.
First, I did this for fun. But now I think it might actually work.
github.com/dune73/chaos...
First, I did this for fun. But now I think it might actually work.
github.com/dune73/chaos...