Category: Blog

  • DeepSeek-V3 (MoE)

    DeepSeek-V3 is an open-source large language model that boasts a 671-billion-parameter Mixture-of-Experts architecture with only 37 billion parameters activated per token. The model uses Multi-Head Latent Attention (MLA) for inference, which compresses the attention keys and values into a low-dimensional latent representation. It additionally employs the strategy of Auxiliary-Loss-Free load balancing…

  • Hacking Kubernetes via ServiceAccountTokens

    Kubernetes has many advancements and inherently good security principles, but these depend on configurations that are typically not well known to end users. In particular, Service Accounts (non-human identities) are populated in many services, as they act as the go-between that lets a service authenticate and operate…

  • Evaluations in Azure Foundry

    Evaluations in Generative AI applications serve as a backstop to build trust and confidence in your AI-centric applications. Measuring the output and context as your application produces them helps you understand, in a verifiable way, how the application will perform under given conditions. Given the natural language usage of…

  • Image Policy Webhook

    Image Policy Webhook is a native Kubernetes admission plugin that enforces security policies by validating container images before they are deployed. This ensures that only trusted and compliant images run in your environment. It takes the image that is being applied, compares it against predefined policies, and if those policies allow the image…

  • PyRIT for LLM Security

    Microsoft launched PyRIT (Python Risk Identification Tool) back in 2024 as an open-source framework for identifying risk in Generative AI systems by testing them with multiple attack methods. Given the expansion of jailbreaking methods, it allows for the dynamic adaptation of attacks to quickly automate processes of…

  • Garak Red Teaming LLMs

    As Generative AI plays a growing role in many organizations, so does the popularity of tools for identifying risks and vulnerabilities. In this blog I’m exploring Garak, an LLM vulnerability scanner developed by NVIDIA and released as an OSS project to help strengthen LLM security. When the term “Red Team” appears in the approach of simulation…

  • Bill of Materials CKS Refresher

    A Software Bill of Materials (SBOM) is like the ingredients list on your food package—it reveals what components, libraries, and dependencies go into building the final software. Just as checking food labels helps you understand nutritional content and potential allergens, an SBOM provides transparency into third-party components, helping identify vulnerabilities early in the software supply…

  • Prompt Flow Running Exa AI

    Promptflow is an open-source development tool created by Microsoft to streamline the end-to-end development lifecycle of LLM-based AI applications. When building agentic workflows, you’ll want a foundation that is modular, reusable, and provides visibility. To use this tool effectively, it’s important to understand its key concepts, which can be…

  • Simulating Kubernetes Attacks with Detection of Falco + Tetragon

    Microsoft recently released an open-source repository designed to simulate attacks on Kubernetes clusters, showcasing the detection capabilities of Defender for Cloud sensors. However, this tool can also be extended to work with other Intrusion Detection Systems (IDS) for monitoring Kubernetes environments. As with any detection solution, it is crucial to rigorously test various attack scenarios…

  • 2025 Predictions

    It’s that time again when the year ends and the next begins; with one day left in 2024, it felt like time to release some predictions for 2025 and beyond. This list will be short but concise, grounded in context and a healthy dose of foresight…