Curated topic

security

Posts tagged with security

GitHub EngineeringJan 20, 2026

AI-supported vulnerability triage with the GitHub Security Lab Taskflow Agent

Why it matters: Triaging security alerts is often manual and repetitive. This framework allows engineers to automate human-like reasoning to filter false positives at scale, combining the precision of CodeQL with the pattern-matching flexibility of LLMs to find real vulnerabilities faster.

GitHub Security Lab introduced the Taskflow Agent, an open-source framework for automating security research and vulnerability triage using LLMs.
Taskflows are defined in YAML files, breaking complex audits into smaller, sequential tasks to overcome LLM context window limitations and improve accuracy.
The framework utilizes Model Context Protocol (MCP) servers to perform conventional programming tasks like file fetching and searching alongside AI reasoning.
It supports asynchronous batch processing, allowing engineers to apply templated audit logic across numerous CodeQL alerts simultaneously.
Real-world application of the tool successfully identified approximately 30 vulnerabilities by filtering out false positives that traditional static analysis tools struggle to detect.

#security #mlp

Read original

Cloudflare BlogJan 19, 2026

How we mitigated a vulnerability in Cloudflare’s ACME validation logic

Why it matters: This vulnerability highlights the risks of global security bypasses for protocol-specific paths. Engineers must ensure that 'allow-list' logic for automated services like ACME is strictly scoped to prevent unintended access to origin servers without protection.

Security researchers identified a vulnerability in Cloudflare's ACME HTTP-01 challenge validation logic.
The flaw allowed requests to bypass Web Application Firewall (WAF) rules on specific ACME-related paths.
Cloudflare previously disabled WAF features on these paths to prevent interference with automated certificate issuance.
A logic error allowed unauthenticated requests to reach customer origins without WAF protection if tokens weren't managed by Cloudflare.
The mitigation ensures security features are only disabled when a request matches a valid ACME token for the specific hostname.

#security #dist

Read original

GitHub EngineeringJan 15, 2026

When protections outlive their purpose: A lesson on managing defense systems at scale

Why it matters: Security mitigations added during incidents can become technical debt that degrades user experience. This case study emphasizes the need for lifecycle management and observability in defense systems to ensure temporary protections don't inadvertently block legitimate traffic as patterns evolve.

GitHub identified that emergency defense mechanisms, such as rate limits and traffic controls, were inadvertently blocking legitimate users after outliving their original purpose.
The issue stemmed from composite signals that combined industry-standard fingerprinting with platform-specific business logic, leading to false positives during normal browsing.
While the false-positive rate was low (0.003-0.004% of total traffic), it caused consistent disruption for logged-out users following external links.
The investigation involved tracing requests across a multi-layered infrastructure built on HAProxy to pinpoint which specific defense layer was triggering the blocks.
The incident reinforces that observability and lifecycle management are as critical for security mitigations as they are for core product features.

#sre #security

Read original

GitHub EngineeringJan 14, 2026

Community-powered security with AI: an open source framework for security research

Why it matters: This framework lowers the barrier for security research by using AI to automate complex workflows like variant analysis. By integrating with CodeQL via MCP, it allows engineers to scale vulnerability detection using natural language, fostering a collaborative, community-driven security model.

GitHub Security Lab released the Taskflow Agent, an open-source agentic framework designed for security research and automation.
The framework leverages the Model Context Protocol (MCP) to interface with existing security tools such as CodeQL.
It allows researchers to encode and scale security knowledge using natural language to perform complex tasks like variant analysis.
The agent is experimental but ready for community use, supporting various AI backends including GitHub Models API.
A provided demo illustrates how to set up the environment in GitHub Codespaces to automate vulnerability detection workflows.

#security #mlp

Read original

Microsoft Azure BlogJan 14, 2026

Microsoft named a Leader in IDC MarketScape for Unified AI Governance Platforms

Why it matters: As AI adoption scales, engineers need unified tools to manage model lifecycles, security, and compliance. Microsoft’s integrated approach reduces operational risk and simplifies the deployment of responsible, agentic AI systems across complex multicloud environments.

Microsoft recognized as a Leader in the 2025-2026 IDC MarketScape for Unified AI Governance Platforms.
Microsoft Foundry serves as the developer control plane for model development, evaluation, deployment, and monitoring.
Microsoft Agent 365 provides a centralized IT control plane for managing and securing agentic AI across the enterprise.
Integrated security features include real-time jailbreak detection, agent identity management via Entra, and AI-specific threat protection in Defender.
Automated compliance tools in Microsoft Purview support over 100 regulatory frameworks for hybrid and multicloud environments.

#mlp #security #data

Read original

Cloudflare BlogJan 13, 2026

What we know about Iran’s Internet shutdown

Why it matters: Understanding how nation-states manipulate BGP and IP announcements to enforce shutdowns is crucial for engineers building resilient, global systems. It highlights the vulnerability of centralized network infrastructure and the importance of monitoring tools like Cloudflare Radar.

Iran implemented a near-total internet shutdown starting January 8, 2026, following widespread civil protests.
Cloudflare Radar observed a 98.5% drop in announced IPv6 address space, signaling a deliberate disruption of routing paths.
Overall traffic volume plummeted by 90% within a 30-minute window as major ISPs like MCCI, IranCell, and TCI went offline.
By 18:45 UTC on January 8, internet traffic from the country reached effectively zero, indicating a complete disconnection from the global web.
Brief spikes in DNS traffic (1.1.1.1) and university network connectivity were observed on January 9 before being shut down again.

#data #security #dist

Read original

GitHub EngineeringJan 12, 2026

Want better AI outputs? Try context engineering.

Why it matters: Context engineering integrates organizational standards into AI workflows. By providing structured context, engineers ensure AI-generated code adheres to specific architectures, reducing manual corrections and maintaining high-quality standards across the codebase.

Context engineering focuses on providing the right information and format to LLMs rather than just clever phrasing.
Custom instructions allow teams to define global or task-specific rules for coding conventions and naming standards.
Reusable prompt files (.prompts.md) standardize common workflows like code reviews, scaffolding, and test generation.
Custom agents enable specialized AI personas with defined responsibilities, such as security analysis or API design.
Implementing these techniques improves code accuracy and consistency while reducing repetitive manual prompting.

#mlp #culture #security

Read original

Microsoft Azure BlogJan 11, 2026

Bridging the gap between AI and medicine: Claude in Microsoft Foundry advances capabilities for healthcare and life sciences customers

Why it matters: This integration enables engineers to build specialized AI agents for highly regulated sectors. By combining Claude's reasoning with domain-specific MCPs and Azure's secure infrastructure, teams can automate complex medical reasoning and R&D tasks while maintaining strict compliance.

Anthropic and Microsoft launched Claude for Healthcare and Life Sciences on Microsoft Foundry, offering domain-specific AI agents for complex medical workflows.
The platform utilizes Model Context Protocols (MCPs) and specialized connectors to integrate Claude with scientific databases and clinical systems.
Healthcare features automate administrative tasks like prior authorization and claims appeals using advanced reasoning and evidence synthesis.
Life sciences capabilities support bioinformatics, experimental protocol design, and molecular design via code interpreter workflows.
The solution is built on Azure’s HIPAA-ready infrastructure, ensuring enterprise-grade security and biosafety guardrails for regulated environments.

#mlp #security #data

Read original

Cloudflare BlogJan 6, 2026

A closer look at a BGP anomaly in Venezuela

Why it matters: BGP route leaks can cause traffic delays or interception. Distinguishing between configuration errors and malicious intent is vital for network security. This analysis demonstrates how technical data can debunk theories of malfeasance by identifying systemic ISP policy failures.

Cloudflare Radar detected a BGP route leak on January 2 involving Venezuelan ISP CANTV (AS8048).
The event violated valley-free routing by redistributing routes from a provider to an external network.
Data shows 11 similar leaks since December, suggesting systemic configuration issues rather than malfeasance.
The leak impacted prefixes from Dayco Telecom (AS21980), a customer of the leaking ISP.
Such anomalies highlight the critical need for ISPs to implement strict routing export and import policies.

#security #dist

Read original

GitHub EngineeringDec 30, 2025

Agentic AI, MCP, and spec-driven development: Top blog posts of 2025

Why it matters: The shift from AI as autocomplete to autonomous agents marks a major evolution in productivity. Understanding agentic workflows, MCP integration, and spec-driven development is essential for engineers to leverage the next generation of AI-native software engineering.

GitHub Copilot introduced Agent Mode, enabling real-time code iteration and autonomous error correction directly within the IDE.
The new Coding Agent automates the full development lifecycle from issue assignment and repository exploration to pull request creation.
Agent HQ provides a unified ecosystem allowing developers to integrate agents from multiple providers like OpenAI and Anthropic into GitHub.
Model Context Protocol (MCP) support and the GitHub MCP Registry simplify how AI agents interact with external tools and data sources.
Spec-driven development emerged as a key methodology, using the Spec Kit to make structured specifications the center of agentic workflows.
The year featured critical industry reflections, including Git's 20th anniversary and security lessons learned from the Log4Shell breach.

#mlp #security #culture

Read original

Page 12 of 18

Prev 1...10 11 12 13 14...18 Next