#AppSec folks, is anyone else using purplellma for their agentic stack tools ?
Been using the CyberSecEvals as a framework. Want to know if this is the way we’re all going.
#AppSec folks, is anyone else using purplellma for their agentic stack tools ?
Been using the CyberSecEvals as a framework. Want to know if this is the way we’re all going.
#AppSec folks, is anyone else using purplellma for their agentic stack tools ?
26.02.2026 11:06 — 👍 0 🔁 0 💬 0 📌 0
A cluster of blue stars is seen against a starfield of brown and clumpy dust. The stars illuminate some of the nearby dust which causes the dust to glow blue. Please see the explanation for more detailed information.
🔭 Pleiades: The Seven Sisters Star Cluster
Image Credit & Copyright: Kamil Fiedosiuk
apod.nasa.gov/apod/ap26022...
Oh and I also use MAESTRO especially for the agentic stuff
26.02.2026 10:22 — 👍 0 🔁 0 💬 0 📌 0
PSA…
Mechanical keyboards in the office are really annoying.
Thank you for your time and attention.
ATLAS already does. I've also been using D3FEND for a double check.
Using these 2 for the non deterministic parts and supplementing with ATT&CK for the static stuff.
Basically using all three for different things. Hmm have not yet read SAFE-MCP, thanks for the tip. Will check it out
Stepping into the new week like Yui Hasegawa....
23.02.2026 07:26 — 👍 0 🔁 0 💬 0 📌 0Technically you should still apply traditional AppSec (it's an app after all) but there's more to be done. The trust model is completely different, the agent make decisions based on goals, filters, guardrails & corpus. Do you track telemetry & prompt runs for baseline response deviation for HITL?
23.02.2026 06:01 — 👍 0 🔁 0 💬 0 📌 0
A photo of my fluffy grey and white cat, Beelzebumble, who is lying perched on top of a cat tree. Her arms are hanging off the edge and she is looking blankly into the air at nothing in particular. The effect is comical
Sometimes I wish my head were this empty
19.02.2026 08:56 — 👍 558 🔁 45 💬 13 📌 1
New writeup published.
Looked at a common vibe coding vulnerability and I break down one or two reasons of why and how traditional #AppSec fails in the non deterministic agentic era. More importantly, why experience matters more than vibes.
matstalkstech.substack.com/p/secure-vib...
I'd like to prepare everyone who knows a South African.
The women's football team (Banyana Banyana) won, The Proteas (women and men) won.
It's going to be a long week of happy Southies telling you about how great the sports was this weekend. 😂😂😂
Just saw a sign that says something like "I've skipped a few classes but NEVER an Azzi Fudd game" 😂😂😂
The People's Princess is loved & supported and Azzi FC leading by example by calling out all the weird and parasocial behaviour. Fudd Around and Find Out. Women supporting women 🫶🏽🫶🏽🫶🏽 I'm here for it
The mental fortitude of this senior class is extraordinary and not spoken about enough. The physical therapy and rehab is difficult but the mental part of it all is what makes or breaks you.
I've got so much respect for these women. 💐💐💐 Absolutely incredible. Go UConn wbb
In other news, the Japanese Bond market triggered an interesting domino effect. Fear Vs Greed index is at Extreme Fear, Yen carry trade unwinding, commercial real estate default rates rising, naked shorts everywhere... Nothing to see here folks, nothing to see at all.
18.02.2026 01:10 — 👍 0 🔁 0 💬 0 📌 0
Cloud9 speaking up on where things stand with the W.
Wbb is having its 2019 woso moment. Stay strong, the fight continues for paying women athletes what they deserve. Women's sports financials tell the story, pay the athletes. There's no league without athletes. Pay the players!!!
Exactly, it's a "hey we're in Africa" FYI but doesn't actually address anything.
That's why I have so many questions. Not sure what they're telling us and why, I just know there's a clear gap nobody is taking about which is weird to me.
Ngl, "AI red teaming" agents are giving script kiddie vibes.
Bro, yes it's bros, you can't just wrap nmap, metasploit and a bunch of tools in a python wrapper and can that red teaming 😂😂😂.
Show me the probes and evals used, how are you tracking hallucination and model degredation? It's wild
Anthropic's Rwanda MoU 🧐🧐🧐. This requires a fundamental shift in the training. Current models are governed by Kantian deontology through the Constitutional AI principles. African countries follow Ubuntu like virtue ethics in decision making --> Value misalignment.
www.anthropic.com/news/anthrop...
Um what's happening in Europe? I've been so focused on sports stuff and reading that I'm not actually sure what's happening in the world.
Without fear mongering, what's actually happening in Europe? Is there conflict brewing or just news cycles doing what they do best?
Sure she's co-founder of Unrivaled & plays in that league too, as well as being part of the CBA negotiations for the W. If she wants to play more, she has options to choose from.
Just let her hoop & enjoy it folks. It's a FIBA world cup year, everyone wants more on court time. It's not complicated
Stewie going back to play for Fenerbahça ==> wbb socials creating think pieces and starting rumours.
Imagine that, women's sports has gotten to a place where someone can pick and choose which leagues they want to play in,and people are losing their minds. The W fans are exhausting, my goodness
Anyway I came back to the socials just to say, Azzi Fudd is HER.
What a special player.
I don't think I've ever seen anyone like that before in wbb tbh.
The era of 2 way effective, efficient & precise players is here. She was shooting 50/50/100 at a point and the non fouling defence stats 🤯🤯🤯
If you've ever met a South African or seen their trolling skills, just know that national sports team are the reason behind it all.
Southies are going to support the teams in spite of the emotional rollercoasters of any match. The humour and online antics are coping mechanism tbh.
Someone in the women's sports supporters community pointed out that what we do is a full time job.
It's makes so much sense now why I'm so tired half the time. I've been working multiple jobs 😂😂😂
Anthropics latest safety report is an interesting and concerning read. What's more concerning is silence around it. Does anyone actually care about the direction of tech and the ethical and societal impact thereof? The silence is too loud. Eerily silent
16.02.2026 13:42 — 👍 1 🔁 0 💬 0 📌 0
GM,
Finally picked up the proverbial pen again. New entry ready for all critique and feedback.
It's an experiment and POC, the repo is in the write-up.
#AISec #SecuritySky #AgentSecurity #MLSky #AppSec
matstalkstech.substack.com/p/agent-goal...
Next matstalkstech blog dropping today. I'll cover why you're pt1 of the Clawdbot and moltbook agent security findings since nobody seems to know when to use child_process.exec() vs .spawn() #vibecoding #AIAppSec
01.02.2026 08:49 — 👍 2 🔁 0 💬 0 📌 0
Anyway that's my full attackchain for this agent formally known as Clawdbot.
"Make it secure" is not a prompt that makes anything secure 😂😂😂.
Crypto bros & YT bros turned vibe coders -> the great grifter migration.
Blimey you're creating a mess, a legal mess for some of you.
If you're still looking for tools for AI Security and Safety, you've already gone down the wrong path.
The era of deterministic security ends when you add any ML or AI integration. Sure you can find an OWASP LLM Top10 scanner but knowing your tools and frameworks and when to use them is the key.
Used a polyvalent approach for this review.
AppSec cloud native security for non agentic stack.
ATLAS & D3FEND with a bit of ATFAA (adversarial threat framework for autonomous agents) for the agentic stack.
Old school sound software engineering practices.
We're in a probabilistic sec paradigm now
