This week's articles
Building Slack’s Anomaly Event Response
This article introduces Slack's Anomaly Event Response (AER), an automated security system that detects suspicious activities and terminates user sessions in real time, reducing detection-to-response gaps from hours to minutes.
#defend
#monitor
#strategy
Docker Sandboxes: Run Claude Code and More Safely
Docker Sandboxes now offer microVM isolation for macOS and Windows, enabling coding agents like Claude Code to run unsupervised in disposable environments. Features include hypervisor-based isolation, safe Docker-in-Docker execution, and network controls for secure autonomous agent operation.
#announcement
#ai
#containers
Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile
Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services. This post shows how reviewing deployment guides can help identify those exceptions and weaponize them with a new Mythic C2 profile called azureBlob.
#azure
#attack