All Posts

It's back! The wildly insecure vibe coded Retro 90's Chat app is now being secured by a set of home-grown Claude Code security skills. When I demoed this several months ago, "skills" didn't exist. Security controls were applied via .md files, which worked but was cumbersome. With the introduction of skills we gain a better result with additional efficiency and modularity.

I have huge personal/professional news to share! I've been named an IANS Faculty member. 🎉 I'm incredibly honored and humbled to join a group that includes some of the most influential and distinguished people in cybersecurity. I don't view this as having "made it," but rather as a reminder that every day I need to show up and earn my place through hard work. I'm very much looking forward to the opportunity to advise others in the industry. I especially want to thank Jon Zeolla, who nominated me to begin the process last year. And... I'll still be continuing my role at Netlify as Principal Security Engineer, as I celebrate 3 years at the company! https://lnkd.in/eCCmeE9S | 16 comments on LinkedIn

I'm really proud of how the team at Netlify worked to mitigate the risk of #React2Shell for our customers. This post highlights some of our ongoing work, and some of the attack trends we have observed over the last couple of weeks. https://lnkd.in/euXSq9ts

Resharing this post I wrote several weeks ago, in light of another incarnation of the "Sha1-Hulud" attack on the npm ecosystem which emerged overnight. If you are unsure if you were affected, your package.lock file will always show the exact version of the npm package installed, even if using fuzzy versions in your package.json file. Information about this incarnation of the Sha1-Hulud threat is still emerging, but it seems to follow the same pattern as the last attack, where data was exfiltrated via the creation of a public GitHub repository. Validating that this repo does not exist in your organizational GitHub accounts and those of employees is important. It should be noted though that for the previous round, GitHub themselves acted rapidly containing the repositories and notifying affected individuals. Due to the nature of how the worm worked during the previous outbreak, it was less likely to be able to exfil data from CI/CD pipelines (like for example when building a site on Netlify). Usually in this execution context, general write access to GitHub is not available. For this reason, it seems that the more likely target of this attack is developer workstations, who much more likely will have both environment variables and an active GitHub session.

In this video, Mike Gualtieri, Principal Security Engineer at Netlify, uses Claude Code from Anthropic to analyze two malware samples and produce detailed th...

Is this AI generated chat application secure or insecure? Tomorrow I'm delivering an internal company presentation about generating default AI security guardrails. I'm thinking about generalizing the content for a future public-facing talk since this was an interesting project that has lessons for any company using AI-assisted code generation.

About 7 months ago I conducted an experiment where I used ChatGPT (GPT-4o) to assist in analyzing a cryptominer malware sample. It fared OK. The process was more of a collaborative effort where I guided it through what to do next in decoding and analyzing portions of the obfuscated script. At the time I was impressed and thought it could save some time doing things 100% manually. About 5 months ago I vibe-coded a MCP server designed to assist in the analysis of the same malware sample. It used several agents in tandem acting as experts in code analysis and threat intelligence. It worked, but it was a bit complicated and fragile to be all that useful. Today I ran another experiment. I asked Claude Code (Sonnet 4.5) to analyze the same malware sample with a single prompt. What it produced was a 500 line comprehensive markdown document, with a full analysis of the execution stages, information about the cryptocurrencies being mined, IoCs, YARA rules, and more! I'm impressed! This is an amazing result from something done in minutes that would have taken hours - if not longer - without any AI assistance. I've included some screenshots of the output. Prompt: "This directory contains a cryptominer malware sample. Do not ever execute any code in this directory or sub-directories. Code should only be read. Analyze the cryptominer malware. Identify key execution stages, the flow of execution, obfuscation techniques, and cryptocurrencies mined. Include any key IoCs. Prepare a threat intelligence report in markdown format and write it to this directory."

I've been experimenting with how a CLAUDE.md file can assist in providing AI security guardrails by default. Here's one example that provides security checks to protect against npm supply chain attacks. Two key elements: 1) I asked that we never install an npm package that is younger than a week old, and 2) I asked that the installed npm packages be reviewed for malicious signatures. And, it works! Prompt used to generate the CLAUDE.md file: "Create a CLAUDE.md file that instructs Claude Code to guard against npm supply chain attacks. Specifically it should never clone an npm package that is younger than a week old. It should also analyze all files installed by npm for malicious signatures. It should always perform these instructions whenever installing, updating, or executing any npm packages." Screenshots of it analyzing a clean project, and analyzing a project which includes a npm malware sample from the recent nx supply chain breach.

I recently put together a "Security Arcade" team-building activity for our Netlify staff. The entire project was "vibe coded" in Claude Code using the Vite framework and our Netlify MCP server. I spent maybe half a day on it, which is crazy because if I were to code this from scratch, it would have likely taken me weeks of dedicated time to develop. The game consists of multiple-choice code security questions, focusing on OWASP Top 10 vulnerabilities, in a variety of popular web programming languages. The questions themselves were also generated by Claude Code. The majority of the project was put together in a single prompt describing the type of game I wanted to make and the 1980s arcade feel I wanted it to have. From there, time was spent on refinements and bug fixes. One amusing "bug" was that Claude decided to generate a lot of questions (70% of the bank) where "All of the above" was the correct answer. Much care went into prompting the code editor to ensure the questions, answers, and hints were balanced and accurate. Was it perfect? No. Could it be with more effort? Definitely. Was it perfect for our workshop? Definitely! I received much positive feedback from our staff, and even a request to bring it back for our annual security training! Even though I'm someone who can code in many languages and genuinely loves coding, there's so much power in what you can create quickly using AI tools and some imagination. The future is "building software," not "coding."

I've been tinkering with generating an MCP server to run a SAST analysis on a codebase. It's not more than a "toy" at this stage, but is producing some high fidelity results.

If you want Claude Code to purposefully create code with vulnerabilities in it, you need to ask nicely.

Tune in and join me on June 4th! I'll be joining Red Siege for their "Wednesday Offensive" livestream. Red Siege has been an awesome partner in our security efforts at Netlify. https://lnkd.in/eejGmWxA