Uncle Joe
@sydseter.com
Co-leader OWASP Cornucopia. If you like what we do for open source, visit our code repository https://github.com/OWASP/cornucopia and give us a star ⭐
🌈 «Difference is of the essence of humanity» 🦄 – John Hume
#appsec #owasp #cornucopia #threatmodeling
🌈 «Difference is of the essence of humanity» 🦄 – John Hume
#appsec #owasp #cornucopia #threatmodeling
Never thought I’d find Foster’s lager in a rural village in northern Spain. It’s a real odity as Mahou and Estrella Galicia is usually all you find. I am well aware that it’s not really Australian, but still.If you ever think about going to Spain I recommend my second home Asturias, the celtic Spain
December 30, 2025 at 4:09 PM
Never thought I’d find Foster’s lager in a rural village in northern Spain. It’s a real odity as Mahou and Estrella Galicia is usually all you find. I am well aware that it’s not really Australian, but still.If you ever think about going to Spain I recommend my second home Asturias, the celtic Spain
And so we are gathered here today in memory of a life not well lived that lasted no shorter than what was expected. Together with all the grieving relatives, relieved that management pulled the plug after AI made it to expensive.
December 24, 2025 at 8:57 AM
And so we are gathered here today in memory of a life not well lived that lasted no shorter than what was expected. Together with all the grieving relatives, relieved that management pulled the plug after AI made it to expensive.
The nail in the coffin.
December 10, 2025 at 7:26 AM
The nail in the coffin.
There is a lot of talk around AI and design automation lately. The consensus seems to be to be that both code and design, first and foremost are there to help us talk together. Not human to machine, but human to human. Nothing has really changed except that we have to babysit managers that disagree.
December 1, 2025 at 9:23 AM
There is a lot of talk around AI and design automation lately. The consensus seems to be to be that both code and design, first and foremost are there to help us talk together. Not human to machine, but human to human. Nothing has really changed except that we have to babysit managers that disagree.
Meta: «Instead of protecting consumers, today’s outcome sets a dangerous precedent and shifts responsibility a ay from those best placed to prevent fraud» I presume they mean their ageing users?
November 28, 2025 at 11:58 AM
Meta: «Instead of protecting consumers, today’s outcome sets a dangerous precedent and shifts responsibility a ay from those best placed to prevent fraud» I presume they mean their ageing users?
The Second Wave of Shai Hulud Supply Chain Attak is a dress up party for selling useless SAST software.
November 28, 2025 at 8:46 AM
The Second Wave of Shai Hulud Supply Chain Attak is a dress up party for selling useless SAST software.
Version 1 of the OWASP AI testing guide just got published.
I promise you, from my own experience, this will save you a lot of heartache.
github.com/OWASP/www-pr...
I promise you, from my own experience, this will save you a lot of heartache.
github.com/OWASP/www-pr...
November 27, 2025 at 10:31 AM
Version 1 of the OWASP AI testing guide just got published.
I promise you, from my own experience, this will save you a lot of heartache.
github.com/OWASP/www-pr...
I promise you, from my own experience, this will save you a lot of heartache.
github.com/OWASP/www-pr...
Approach security awareness from the perspective of a 9-year-old. How would your kids teach their moms and dads what not to do.
November 20, 2025 at 11:22 AM
Approach security awareness from the perspective of a 9-year-old. How would your kids teach their moms and dads what not to do.
The State Of Threat Modeling Survey (hashtag#SOTM) 2025-2026 from Threat Modeling Connect has been sent out (see: threatmodelingconnect.com/state-of-threat-modeling-2025-2026 ). Find out how your organization is doing regarding threat modeling!
#threatmodeling #security #infosec #appsec
#threatmodeling #security #infosec #appsec
November 19, 2025 at 3:07 PM
The State Of Threat Modeling Survey (hashtag#SOTM) 2025-2026 from Threat Modeling Connect has been sent out (see: threatmodelingconnect.com/state-of-threat-modeling-2025-2026 ). Find out how your organization is doing regarding threat modeling!
#threatmodeling #security #infosec #appsec
#threatmodeling #security #infosec #appsec
Did you know that according to ISO 27001, 8.28 Secure coding, pair programming, refactoring, and test-driven development are considered to be secure coding practices?
Next time someone ask, shh, just let it happen!
Next time someone ask, shh, just let it happen!
November 7, 2025 at 8:25 AM
Did you know that according to ISO 27001, 8.28 Secure coding, pair programming, refactoring, and test-driven development are considered to be secure coding practices?
Next time someone ask, shh, just let it happen!
Next time someone ask, shh, just let it happen!
OWASP Top 10 2025 is going live now at owasp.org/Top10/
New is:
A03:2025 Software Supply Chain Failures
and…
A10:2025 Mishandling of Exceptional Conditions
The last one based on assessments done with OWASP SAMM core team members. I can take no credit here whatsoever. Congratulations!
New is:
A03:2025 Software Supply Chain Failures
and…
A10:2025 Mishandling of Exceptional Conditions
The last one based on assessments done with OWASP SAMM core team members. I can take no credit here whatsoever. Congratulations!
November 6, 2025 at 7:02 PM
OWASP Top 10 2025 is going live now at owasp.org/Top10/
New is:
A03:2025 Software Supply Chain Failures
and…
A10:2025 Mishandling of Exceptional Conditions
The last one based on assessments done with OWASP SAMM core team members. I can take no credit here whatsoever. Congratulations!
New is:
A03:2025 Software Supply Chain Failures
and…
A10:2025 Mishandling of Exceptional Conditions
The last one based on assessments done with OWASP SAMM core team members. I can take no credit here whatsoever. Congratulations!
Games aren't just for fun, they're essential for our survival.
We often think of playing and gaming as unique to humans, but research shows otherwise. All animals with a brain play, even bumblebees.
These nine panels show the sequence of a ball-rolling action, lasting, in this instance, ca.4s. (1/4)
We often think of playing and gaming as unique to humans, but research shows otherwise. All animals with a brain play, even bumblebees.
These nine panels show the sequence of a ball-rolling action, lasting, in this instance, ca.4s. (1/4)
November 6, 2025 at 5:17 PM
Games aren't just for fun, they're essential for our survival.
We often think of playing and gaming as unique to humans, but research shows otherwise. All animals with a brain play, even bumblebees.
These nine panels show the sequence of a ball-rolling action, lasting, in this instance, ca.4s. (1/4)
We often think of playing and gaming as unique to humans, but research shows otherwise. All animals with a brain play, even bumblebees.
These nine panels show the sequence of a ball-rolling action, lasting, in this instance, ca.4s. (1/4)
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary, and is always REQUIRED!
You don’t need to ask for consent until the user says yes repeatedly. I know that means you may not get lucky, but it’s an excellent way to ensure you keep your friendships.
You don’t need to ask for consent until the user says yes repeatedly. I know that means you may not get lucky, but it’s an excellent way to ensure you keep your friendships.
November 4, 2025 at 7:07 AM
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary, and is always REQUIRED!
You don’t need to ask for consent until the user says yes repeatedly. I know that means you may not get lucky, but it’s an excellent way to ensure you keep your friendships.
You don’t need to ask for consent until the user says yes repeatedly. I know that means you may not get lucky, but it’s an excellent way to ensure you keep your friendships.
I am so tiered of explaining to people about privacy and cookies, so here is an allegory for you.
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary and is always REQUIRED!
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary and is always REQUIRED!
November 3, 2025 at 4:01 PM
I am so tiered of explaining to people about privacy and cookies, so here is an allegory for you.
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary and is always REQUIRED!
As in sex, the same goes for privacy, consent must be active, clear, knowing, ongoing, voluntary and is always REQUIRED!
Consult with your physician
October 31, 2025 at 6:13 AM
Consult with your physician
Don’t get too addicted to those pills. Do it on weekends when it’s fun.
October 31, 2025 at 6:08 AM
Don’t get too addicted to those pills. Do it on weekends when it’s fun.
October 30, 2025 at 7:35 AM
I am very happy to be given the opportunity to judge all the fantastic entries in this year’s CyberSec Games competition together with my fellow judges. Oh, boy have it been a tough choice. I am also very happy to say that we’ve had no information leaks yet, but stay tuned for the announcement!
October 28, 2025 at 7:02 AM
I am very happy to be given the opportunity to judge all the fantastic entries in this year’s CyberSec Games competition together with my fellow judges. Oh, boy have it been a tough choice. I am also very happy to say that we’ve had no information leaks yet, but stay tuned for the announcement!
