AI
A Practical Look at AI
In this post, I try to look past the hype or doom around AI and look into what useful results can be obtained through AI, and where I think the technology can realistically go.
Hi! I'm Alex, a Security Automation Engineer. I am passionate about leveraging software to secure enterprises.
Leadership
At some point, we will all have to leave an organization. It might be a company, a nonprofit, an extracurricular, or something else. A lot of people, including myself, get very emotionally invested in the work we do. Leaving is almost always hard. What is even harder is leaving with
Opinion
Software engineering is in a rough spot right now. Cybersecurity has made it through largely unscathed. However, the industry should learn from this and align with investor interests to bring long-term stability.
AI
💡 The following content is opinion. All views expressed are my own and do not represent the views or policies of my employer, past or present, or any other organization with which I may be affiliated. Read all disclaimers at beave.rs/disclaimer. Last year, I developed a five-year plan for
FOSS
The goal of application security is consistently bug-free code. Open Source may be the way to reach that goal.
RIT HFOSS
This is a presentation that I gave as part of my class on Humanitarian Free and Open Source Software (HFOSS) about tools and techniques that FOSS maintainers can use to secure their projects. I began my presentation by talking about Log4J. Log4J
Events
What does it take to have a successful SDLC program? In this talk, I step beyond the policy, and share my experiences turning a failing software development team into one that was both fast and
Events
👋 Hello! I am going to be speaking on a panel at All Things Open. More info will be released soon. Panel: Open Source Compliance & Security, OSI Track, Tuesday Oct 17 @ 1:30 PM - 2:15 PM
AppSec
Stack Overflow and GitHub Copilot have made untrusted code rampant in production applications. A focus on services will help mitigate the risks and enhance security.
Opinion
Application Security (AppSec) teams should strive to adopt a service-oriented model, leveraging API proxies to deliver security across stacks.
News
⚠️ This article is solely my analysis of the policy, and is not legal advice. The Securities and Exchange Commission recently released new policies for Cybersecurity disclosure. My RSS feeds went ablaze with different hypotheses on how this will play out, and there is a lot of fear about how regulations
I enjoy understanding and analyzing issues in-depth, both for the security industry and more broadly. I do some individual stock picking in my free time, mostly as a relatively low-stakes way to perform research on different companies and I enjoy the research process. I have decided that I want to