Reevaluating vulnerability management

Things are getting complicated.

Mar 6 • Adrian Sanabria

3

3

1

AI can't replace jobs

It can automate some tasks - this distinction is very important

Mar 2 • Adrian Sanabria

3

2

1

February 2026

Investigating breach rate claims

Is a 'breach rate of less than 1%' a good thing?

Feb 9 • Adrian Sanabria

3

1

OpenClaw is out of control - but that's the point

Get in loser, we're speedrunning generative AI's end game

Feb 7 • Adrian Sanabria

5

1

January 2026

Reflections on being a cybersecurity creator in 2025

Calling myself a "creator" feels okay. "Influencer" would be a step too far.

Jan 11 • Adrian Sanabria

7

1

1

November 2025

Cybersecurity Has a Data Quality Issue

Which is why there are so many 'lemonade makers'

Nov 14, 2025 • Adrian Sanabria

2

2

Cybersecurity - A Market for Lemonade

What else are you going to do with all these cyber lemons?

Nov 3, 2025 • Adrian Sanabria

5

2

2

October 2025

The Asbestos of IT: why old protocols just aren’t worth it

If you CAN get rid of them, DO it - it’s worth the migration pain

Oct 4, 2025 • Adrian Sanabria

1

1

Address alert fatigue without AI: alert less to see more

You only need one reliable alert to detect an attacker - stop burying yourself in noise

Oct 4, 2025 • Adrian Sanabria

September 2025

npm: Not another Package Malicious - a Postmark MCP Squatter

Another week, another NPM incident

Sep 28, 2025 • Adrian Sanabria

1

EDR is not AV

Please stop conflating the terms

Sep 22, 2025 • Adrian Sanabria

5

NPM: aNother Pummeling, Man

Supply chain attacks have been ramping up, but NPM has had a particularly bad time this past month - what can we learn from it?

Sep 17, 2025 • Adrian Sanabria

7

2

2