Curated topic

security

Posts tagged with security

GitHub EngineeringDec 4, 2025

How to use GitHub Copilot Spaces to debug issues faster

Why it matters: GitHub Copilot Spaces significantly reduces the time engineers spend hunting for context during debugging by providing AI with project-specific knowledge. This leads to faster, more accurate solutions and streamlined development workflows.

GitHub Copilot Spaces enhances AI debugging by providing project-specific context like files, pull requests, and issues, leading to more accurate suggestions.
Spaces act as dynamic knowledge bundles, automatically syncing with linked content to ensure Copilot always has up-to-date information.
Users create a space, add relevant project assets (e.g., security docs, architecture overviews, specific issues), and define custom instructions for Copilot's behavior.
Copilot leverages this curated context to generate detailed debugging plans and propose code changes, citing its sources for transparency and auditability.
The integrated coding agent can then create pull requests with before/after versions, explanations, and references to the guiding instructions and files.

#mlp #security

Read original

GitHub EngineeringDec 3, 2025

Your stack, your rules: Introducing custom agents in GitHub Copilot for observability, IaC, and security

Why it matters: Custom agents in GitHub Copilot empower engineering teams to embed their unique rules and workflows directly into their AI assistant. This streamlines development, ensures consistency across the SDLC, and automates complex tasks, boosting efficiency and adherence to standards.

GitHub Copilot now supports custom agents, extending its AI assistance across the entire software development lifecycle, not just code generation.
These Markdown-defined agents act as domain experts, integrating team-specific rules, tools, and workflows for areas like observability, security, and IaC.
Custom agents can be deployed at repository, organization, or enterprise levels and are accessible via Copilot CLI, VS Code Chat, and github.com.
They enable engineers to enforce standards, automate multi-step tasks, and integrate third-party tools directly within their development environment.
A growing ecosystem of partner-built agents is available for various domains, including security, databases, DevOps, and incident management.

#sre #security

Read original

Cloudflare BlogDec 3, 2025

Cloudflare WAF proactively protects against React vulnerability

Why it matters: This article is crucial for engineers managing React/Next.js applications, highlighting an RCE vulnerability and Cloudflare's WAF as a critical first line of defense. It emphasizes the importance of both network-level protection and prompt application-level updates.

Cloudflare WAF has deployed new rules to proactively protect against a critical Remote Code Execution (RCE) vulnerability (CVE-2025-55182, CVSS 10.0) in React Server Components.
The vulnerability impacts React versions 19.0-19.2 and Next.js versions 15-16, allowing insecure deserialization leading to RCE.
All Cloudflare customers with traffic proxied through WAF are automatically protected, including free and paid plans, with default block actions.
Cloudflare Workers-based applications are inherently immune to this specific exploit.
Despite WAF protection, users are strongly recommended to update to React 19.2.1 and the latest Next.js versions (16.0.7, 15.5.7, 15.4.8).
Specific WAF rule IDs (e.g., 33aa8a8a948b48b28d40450c5fb92fba) have been deployed across Cloudflare's network.

#security #frontend

Read original

Cloudflare BlogDec 3, 2025

Cloudflare's 2025 Q3 DDoS threat report -- including Aisuru, the apex of botnets

Why it matters: This report highlights the escalating scale and sophistication of DDoS attacks, exemplified by the Aisuru botnet. Engineers must prioritize robust, autonomous defense systems to protect critical infrastructure and services from increasingly powerful and short-lived threats.

The Aisuru botnet dominated Q3 2025, launching hyper-volumetric DDoS attacks up to 29.7 Tbps and 14.1 Bpps, causing significant internet disruption.
Cloudflare mitigated 8.3 million DDoS attacks in Q3 2025, a 15% QoQ and 40% YoY increase, with network-layer attacks surging 87% QoQ.
DDoS attacks against AI companies increased by 347% MoM in September, while attacks on Mining/Metals and Automotive sectors also rose due to geopolitical tensions.
The majority of DDoS attacks are short-lived (under 10 minutes), emphasizing the need for autonomous, real-time mitigation systems.
Aisuru, available as a botnet-for-hire, targeted critical infrastructure, telecommunications, gaming, and financial services, demonstrating its disruptive potential.

#security #dist

Read original

Microsoft Azure BlogDec 1, 2025

Azure networking updates on security, reliability, and high availability

Why it matters: This article highlights Azure's commitment to scaling its network for demanding AI workloads and enhancing resilience. Engineers gain insights into new features like zone-redundant NAT Gateway V2, crucial for building highly available and performant cloud-native applications.

Azure's global network has expanded to 18 Pbps WAN capacity, optimized for hyperscale AI and data workloads across 60+ AI regions.
The network fabric is specifically engineered for AI, integrating InfiniBand and high-speed Ethernet for low-latency, high-bandwidth GPU cluster communication and distributed AI WAN.
Azure is enhancing resiliency with zone-redundant services, including the public preview of Standard NAT Gateway V2.
Standard NAT Gateway V2 provides zone-redundant outbound connectivity, 100 Gbps throughput, 10M packets/sec, IPv6 support, and flow logs.

#sre #dist #security

Read original

Slack EngineeringDec 1, 2025

Streamlining Security Investigations with Agents

Why it matters: This article details how Slack built robust AI agent systems for security investigations by moving from single prompts to chained, structured model invocations, offering a blueprint for reliable AI application development.

Slack's Security Engineering team implemented AI agents to streamline security investigations, processing billions of events daily.
Initial prototypes, relying on a single large prompt, exhibited inconsistent performance despite prompt refinement attempts.
The team's solution involved breaking down complex investigations into a sequence of chained, single-purpose model invocations.
Utilizing structured output, defined by JSON schema, was key to achieving fine-grained control and predictable behavior at each step.
The production system employs a team of 'personas' (agents) for specific tasks, with the application orchestrating their interactions and context propagation.
This method significantly improves consistency and reliability in AI-driven security analysis, moving beyond simple prompt engineering.

#security #mlp

Read original

GitHub EngineeringNov 25, 2025

How GitHub’s agentic security principles make our AI agents as secure as possible

Why it matters: This article provides essential security principles for developing and deploying AI agents, addressing critical risks like data exfiltration and prompt injection. It offers practical guidelines for ensuring human oversight and accountability in agentic systems.

GitHub employs agentic security principles for AI agents like Copilot, balancing usability with security through a human-in-the-loop design.
Key risks for agentic AI include data exfiltration, impersonation/action attribution, and prompt injection.
Security controls ensure all context is visible, agents are firewalled, and access to sensitive data is limited.
Agents are prevented from making irreversible state changes without human approval, such as creating pull requests instead of direct commits.
Actions are clearly attributed to both the initiating user and the agent, ensuring accountability.
Context gathering is restricted to authorized users with appropriate repository permissions.

#security #mlp

Read original

Cloudflare BlogNov 24, 2025

Get better visibility for the WAF with payload logging

Why it matters: Engineers can now precisely debug WAF false positives and fine-tune security rules by understanding exactly which request fields trigger actions. This improves application security posture and reduces operational overhead from misconfigured WAFs.

Cloudflare's WAF protects against layer 7 attacks using various rulesets, but fine-tuning is necessary due to inevitable false positives.
Traditional WAF logging only indicates if a rule matched, failing to specify which part of a complex request or rule expression triggered the action.
Ambiguity arises from logical OR expressions, data transformations (e.g., Base64, URL decoding), cumulative scoring rulesets, and private rule logic.
Payload logging solves this by detailing the exact fields and their post-transformation values that caused a WAF rule to match.
This feature significantly enhances visibility, simplifies false positive identification, ensures rule correctness, and improves WAF fine-tuning.
Payload logging leverages the Wirefilter engine, re-evaluating the Rulesets Engine's execution context with a dedicated PayloadLoggingCompiler to pinpoint matching elements.

#security

Read original

Engineering at MetaNov 20, 2025

Key Transparency Comes to Messenger

Why it matters: This article details how Meta scaled a critical security feature, Key Transparency, to Messenger's massive user base. Engineers can learn about distributed system challenges, cryptographic key management, and infrastructure resilience for high-volume, security-sensitive applications.

Messenger launched Key Transparency for end-to-end encrypted chats, providing verifiable and auditable public key records to prevent tampering.
This feature automates the verification of encryption keys, addressing the complexity of manual checks for users with multiple devices and frequent key changes.
The implementation leverages the Auditable Key Directory (AKD) library and integrates Cloudflare's key transparency auditor for enhanced security.
Scaling challenges included managing billions of key entries and hundreds of thousands of updates per 2-minute epoch due to Messenger's multi-device user base.
Engineering advancements involved optimizing AKD algorithmic efficiency for smaller proof sizes and improving infrastructure resilience and recovery processes.

#security #dist

Read original

Microsoft Azure BlogNov 18, 2025

Microsoft Foundry: Scale innovation on a modular, interoperable, and secure agent stack

Why it matters: Microsoft Foundry provides a comprehensive, secure, and modular platform for developers to build, deploy, and manage AI agents and applications at scale, integrating advanced models and developer tools. This accelerates the shift from prescriptive logic to intelligent, adaptive systems.

Microsoft Foundry offers a modular, interoperable, and secure agent stack for building AI applications.
New Foundry Models include offerings from Anthropic, Cohere, and NVIDIA, with a generally available model router.
Foundry IQ, now in public preview, redefines Retrieval-Augmented Generation (RAG) for improved orchestration and response quality.
Foundry Agent Service introduces Hosted Agents, multi-agent workflows, built-in memory, and direct deployment to Microsoft 365.
Foundry Control Plane centralizes identity, policy, observability, and security, integrating with GitHub Advanced Security.
Foundry Local is in private preview on Android, extending agent capabilities to mobile platforms.
AI-powered tools like GitHub Copilot and AgentHQ enhance developer productivity for building intelligent systems.

#mlp #security #dist

Read original

Page 9 of 12

Prev 1...7 8 9 10 11 12 Next