
Posts by Chad Butler

YouTube video: https://youtu.be/vTsHCRhTeF4?si=xFvjUKcMlRSuhtGs
Newsletter: https://missioninfosec.com/drone-gps-hijacking

1 week ago 1 0 0 0

A policy fight in the drone industry is turning into a cybersecurity and public safety story.

And there's a side to it you should know about.

I connect the dots in my latest video and newsletter article.

1 week ago 1 0 1 0

Executive Briefing on AI Browsers: https://missioninfosec.com/are-ai-browsers-safe

2 months ago 1 0 0 0

Board view on AI browsers: goal is productivity without unmanaged risk. Reality: agentic browsers act with full session privileges; Gartner said block for now (Dec 2025) while controls catch up. Tradeoff: bans drive shadow use; broad rollout adds visibility + prompt risks. Decision: approve a tight

2 months ago 0 0 1 0

OpenClaw went from obscurity to 158,000+ GitHub stars in weeks.

And, as always, it is tough to keep up with the pace of news.

I put together a summary for CISOs and shared it with my newsletter subscribers yesterday.

If you missed it, you can grab it here:
https://newsletter.missioninfosec.com

2 months ago 0 0 0 0

https://missioninfosec.com/prepare-for-fedramp20x

2 months ago 0 0 0 0

3 questions to ask your team this week about FedRAMP 20x:

1. Can we generate machine-readable security documentation today?

2. Can our GRC tools generate OSCAL-compliant outputs natively?

3. What percentage of control validation could we automate right now?

The full breakdown in my newsletter.

2 months ago 0 0 1 0

https://missioninfosec.com/prepare-for-fedramp20x

2 months ago 0 0 0 0

After 13 years of operation, only ~350 CSPs achieved FedRAMP authorization. The old model was broken.

FedRAMP 20x is the ground-up redesign. Automation-first. Continuous validation. Machine-readable artifacts.

Yesterday, my newsletter subscribers got the full breakdown.

Get the link below.

2 months ago 0 0 1 0

Subscribe: https://newsletter.missioninfosec.com/

2 months ago 0 0 0 0

FedRAMP 20x is the most significant shift in federal cloud authorization since the program began.

In tomorrow's Product Security Playbook issue, I'm covering:

1. Why a ground-up redesign was needed
2. The timeline through FY27
3. What is changing
4. The prep plan

Grab it with the link below.

2 months ago 0 0 1 0

You can grab the deep dive here: https://missioninfosec.com/are-ai-browsers-safe

3 months ago 0 0 0 0

Agentic AI browsers can read across tabs and take actions using your session.
So what: prompt injection becomes an “actions in authenticated sessions” risk.
Now what:
Mature = controlled pilot + detections.
Developing/Behind = block for now, find shadow use via DNS/SWG/EDR.

3 months ago 0 0 1 0

Newsletter Article: https://missioninfosec.com/are-ai-browsers-safe

3 months ago 0 0 0 0

Popular take: “We blocked AI browsers. Done.” My take: blocking is a phase, not the plan. Users bypass friction. Run a controlled pilot for low-risk workflows, set acceptable-use rules, and expand only when monitoring + controls meet IR needs. Link in comments.

3 months ago 0 0 1 0

https://missioninfosec.com/are-ai-browsers-safe

3 months ago 0 0 0 0

OpenAI Atlas is out of scope for SOC 2/ISO and doesn’t emit Compliance API logs or SIEM feeds.

If an incident hits an AI browser session, your audit trail may be thin. Do a control gap check (policy, logs, extensions, residency).

Big gaps: limited pilot. Controls comparison in comments.

3 months ago 0 0 1 0

While researching for my next executive briefing on FedRAMP 20x, I encountered a major pet peeve.

The presenter was ignoring browser security warnings.

Reminder: please apply browser security patches before sharing your screen.

Lead and teach by example.

"Do as I say AND as I do."

4 months ago 0 0 0 0

Join us here: newsletter.missioninfosec.com

4 months ago 0 0 0 0

Gartner advised most orgs to block AI browsers for now. Agentic browsers can take real actions inside your logged-in sessions, turning prompt injection into action risk. Tomorrow: an exec briefing, missing controls, and a phased adoption plan in Product Security Playbook.

4 months ago 0 0 1 0
CactusCon 14: Call for Speakers
Welcome to the CactusCon CFP! It's that time again - the CactusCon CFP is now open! We're looking for unique talks, workshops, and villages about hacki...

🥳 IT BEGINS 🥳

The CactusCon 14 CFP is now OPEN!

sessionize.com/cactuscon-14/

Theme is an oldie but a goodie, regardless as usual we are looking for those juicy technical talks that make CactusCon great.

#cc14

7 months ago 5 5 0 1

This unfortunately often results in groupthink among teams. You start to see groups of people who have worked with each other at multiple orgs who think their way is the only way and they aren’t open to new ideas.

7 months ago 2 0 0 0

Booker finally yields after more than 25 hours of speaking 👏👏👏

1 year ago 31184 4544 597 572

C-style strings in Rust should come with a disclaimer:

"This string has been handled in a facility that also processes uninitialized memory."

1 year ago 62 7 3 0

This👆
The few people who read it were all too willing to believe the felon when he said he had nothing to do with it.

1 year ago 4 0 1 0

➡️ January 20: FAA director fired
➡️ January 21: Air Traffic Controller hiring frozen
➡️ January 22: Aviation Safety Advisory Committee disbanded
➡️ January 28: Buyout/retirement demand sent to existing employees
➡️ January 29: First American mid-air collision in 16 years

Making America Great Again!

1 year ago 58466 26308 1353 2084
*2000s PC Kid* YouTube video by Programmers are also human

“The only constant in my life is flash updates”

This channel is gold.

youtube.com/shorts/HDr9J...

1 year ago 1 0 0 0

Chiming in. Nice to see you all here.

1 year ago 1 0 1 0

The choice of wallpaper in this bathroom…

1 year ago 1 0 0 0