web application security – Experimental News Clipping Site

Simon Willison’s Weblog: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules

Jul 3, 2025

—

by

Source URL: https://simonwillison.net/2025/Jul/3/rate-limiting-by-ip/#atom-everything Source: Simon Willison’s Weblog Title: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules Feedly Summary: TIL: Rate limiting by IP using Cloudflare’s rate limiting rules My blog started timing out on some requests a few days ago, and it turned out there were misbehaving crawlers that were spidering my /search/…

CSA: OWASP NHI Top 10: Standardize NHI Security

Jun 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/introducing-the-owasp-nhi-top-10-standardizing-non-human-identity-security Source: CSA Title: OWASP NHI Top 10: Standardize NHI Security Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the evolution and maturity of the non-human identity (NHI) market and introduces the OWASP Non-Human Identities Top 10, a framework designed to help organizations address security risks related to non-human identities…

Simon Willison’s Weblog: The lethal trifecta for AI agents: private data, untrusted content, and external communication

Jun 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/#atom-everything Source: Simon Willison’s Weblog Title: The lethal trifecta for AI agents: private data, untrusted content, and external communication Feedly Summary: If you are a user of LLM systems that use tools (you can call them “AI agents" if you like) it is critically important that you understand the risk of combining tools…

Simon Willison’s Weblog: Building software on top of Large Language Models

May 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/15/building-on-llms/#atom-everything Source: Simon Willison’s Weblog Title: Building software on top of Large Language Models Feedly Summary: I presented a three hour workshop at PyCon US yesterday titled Building software on top of Large Language Models. The goal of the workshop was to give participants everything they needed to get started writing code that…

The Cloudflare Blog: Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/cloudflare-named-leader-waf-forrester-2025/ Source: The Cloudflare Blog Title: Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report Feedly Summary: Forrester Research has recognized Cloudflare as a Leader in its The Forrester Wave™: Web Application Firewall Solutions, Q1 2025 report. AI Summary and Description: Yes Summary: The text discusses Forrester Research’s recognition…

AWS News Blog: Firewall support for AWS Amplify hosted sites

Mar 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://aws.amazon.com/blogs/aws/firewall-support-for-aws-amplify-hosted-sites/ Source: AWS News Blog Title: Firewall support for AWS Amplify hosted sites Feedly Summary: AWS Amplify Hosting now offers direct integration with AWS WAF, allowing users to apply web application firewall protection to their hosted apps through the console or infrastructure as code, eliminating the need for complex Amazon CloudFront configurations. AI…

The Cloudflare Blog: Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report

Mar 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/cloudflare-named-leader-waf-forrester-2025/ Source: The Cloudflare Blog Title: Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report Feedly Summary: Forrester Research has recognized Cloudflare as a Leader in its The Forrester Wave™: Web Application Firewall Solutions, Q1 2025 report. AI Summary and Description: Yes Summary: The text discusses Forrester Research’s recognition…

Hacker News: CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers

Mar 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://mastersplinter.work/research/passkey/ Source: Hacker News Title: CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers Feedly Summary: Comments AI Summary and Description: Yes Summary: The provided text discusses a significant vulnerability found in major mobile browsers that enables an attacker within Bluetooth range to exploit FIDO URIs, undermining the security assumptions around PassKeys authentication.…

The Cloudflare Blog: One platform to manage your company’s predictive security posture with Cloudflare

Mar 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/cloudflare-security-posture-management/ Source: The Cloudflare Blog Title: One platform to manage your company’s predictive security posture with Cloudflare Feedly Summary: Cloudflare introduces a single platform for unified security posture management, helping protect SaaS and web applications deployed across various environments. AI Summary and Description: Yes Summary: The text discusses advancements made by Cloudflare in…

CSA: How the OWASP Top 10 for LLM Applications Supports AI

Mar 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/how-the-owasp-top-10-for-llm-applications-supports-the-ai-revolution Source: CSA Title: How the OWASP Top 10 for LLM Applications Supports AI Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the introduction of the OWASP Top 10 for Large Language Model Applications, which outlines critical vulnerabilities specific to LLM applications. Emphasizing the importance of understanding security risks associated…

Tag: web application security