HH.security #21

Hello friendly people,

please join us for the new edition of our security meetup and experience these great talks:

"Pirates of the cAIbbean - practical applications of AI in security" by Vladyslav Cherednychenko

"Ahoy there, ye salty lot!"
We've all heard the rumblings from the depths—"Arrr, this AI writes code riddled with holes, like a ship made o’ cheese!" But I say... what if we steer straight into the storm, and use that very flaw to our advantage?

Come aboard my ship to explore a bold idea: taking real vulnerability reports and descriptions of security flaws, and using AI to generate intentionally vulnerable applications. Why? So we can see these issues in action, learn how they work, and most importantly — learn how to fix them.

Think of it as vibe coding a security training on easy mode. Instead of fearing the model’s mistakes, we’ll turn them into teachable moments.

So hoist the mainsail for a ride where we embrace the chaos, build with purpose, and turn AI-generated insecurity into your next superpower.

"Operationalizing Cloud Security: From Foundational Landing Zones to Continuous Vulnerability Management" by Kaan Tolunay Kilic and Dr. Mahmoud Reza Rahbar Azad

This talk demonstrates how to enforce security guardrails within Google Cloud Platform (GCP) using secure landing zones and bridges the gap to operationalizing vulnerability management.

It focuses on how to aggregate and normalize threat data from multiple sources into a unified vulnerability database, to leverage tools like Chainguard apko to build minimal, secure-by-default container images.