Mats M.'s Avatar

Mats M.

@mats-m.bsky.social

~ high priestess of naps ~ ~ cyber security leader & builds tech stuff ~ ~ shamelessly promoting women’s sports ~ ~ polymath, polyglot, polyvalent ~

2,628 Followers  |  316 Following  |  801 Posts  |  Joined: 28.09.2023
Posts Following

Posts by Mats M. (@mats-m.bsky.social)

#AppSec folks, is anyone else using purplellma for their agentic stack tools ?

Been using the CyberSecEvals as a framework. Want to know if this is the way we’re all going.

26.02.2026 11:06 — 👍 0    🔁 0    💬 0    📌 0

#AppSec folks, is anyone else using purplellma for their agentic stack tools ?

26.02.2026 11:06 — 👍 0    🔁 0    💬 0    📌 0
A cluster of blue stars is seen against a starfield
of brown and clumpy dust. The stars illuminate some of 
the nearby dust which causes the dust to glow blue.
Please see the explanation for more detailed information.

A cluster of blue stars is seen against a starfield of brown and clumpy dust. The stars illuminate some of the nearby dust which causes the dust to glow blue. Please see the explanation for more detailed information.

🔭 Pleiades: The Seven Sisters Star Cluster

Image Credit & Copyright: Kamil Fiedosiuk

apod.nasa.gov/apod/ap26022...

23.02.2026 08:10 — 👍 194    🔁 50    💬 2    📌 1

Oh and I also use MAESTRO especially for the agentic stuff

26.02.2026 10:22 — 👍 0    🔁 0    💬 0    📌 0

PSA…

Mechanical keyboards in the office are really annoying.

Thank you for your time and attention.

26.02.2026 09:19 — 👍 0    🔁 0    💬 0    📌 0

ATLAS already does. I've also been using D3FEND for a double check.
Using these 2 for the non deterministic parts and supplementing with ATT&CK for the static stuff.

Basically using all three for different things. Hmm have not yet read SAFE-MCP, thanks for the tip. Will check it out

25.02.2026 15:39 — 👍 1    🔁 0    💬 1    📌 0
Video thumbnail

Stepping into the new week like Yui Hasegawa....

23.02.2026 07:26 — 👍 0    🔁 0    💬 0    📌 0

Technically you should still apply traditional AppSec (it's an app after all) but there's more to be done. The trust model is completely different, the agent make decisions based on goals, filters, guardrails & corpus. Do you track telemetry & prompt runs for baseline response deviation for HITL?

23.02.2026 06:01 — 👍 0    🔁 0    💬 0    📌 0
A photo of my fluffy grey and white cat, Beelzebumble, who is lying perched on top of a cat tree. Her arms are hanging off the edge and she is looking blankly into the air at nothing in particular. The effect is comical

A photo of my fluffy grey and white cat, Beelzebumble, who is lying perched on top of a cat tree. Her arms are hanging off the edge and she is looking blankly into the air at nothing in particular. The effect is comical

Sometimes I wish my head were this empty

19.02.2026 08:56 — 👍 558    🔁 45    💬 13    📌 1
Preview
Secure Vibe coding: Experience vs Vibes Traditional AppSec is creating massive single points of failure for Agentic AI. It's time to dismantle the monolith of trust before it breaks.

New writeup published.
Looked at a common vibe coding vulnerability and I break down one or two reasons of why and how traditional #AppSec fails in the non deterministic agentic era. More importantly, why experience matters more than vibes.

matstalkstech.substack.com/p/secure-vib...

22.02.2026 20:29 — 👍 0    🔁 0    💬 4    📌 0

I'd like to prepare everyone who knows a South African.
The women's football team (Banyana Banyana) won, The Proteas (women and men) won.

It's going to be a long week of happy Southies telling you about how great the sports was this weekend. 😂😂😂

22.02.2026 19:15 — 👍 2    🔁 0    💬 0    📌 0

Just saw a sign that says something like "I've skipped a few classes but NEVER an Azzi Fudd game" 😂😂😂

The People's Princess is loved & supported and Azzi FC leading by example by calling out all the weird and parasocial behaviour. Fudd Around and Find Out. Women supporting women 🫶🏽🫶🏽🫶🏽 I'm here for it

22.02.2026 19:11 — 👍 0    🔁 0    💬 0    📌 0

The mental fortitude of this senior class is extraordinary and not spoken about enough. The physical therapy and rehab is difficult but the mental part of it all is what makes or breaks you.

I've got so much respect for these women. 💐💐💐 Absolutely incredible. Go UConn wbb

22.02.2026 19:04 — 👍 1    🔁 0    💬 0    📌 0

In other news, the Japanese Bond market triggered an interesting domino effect. Fear Vs Greed index is at Extreme Fear, Yen carry trade unwinding, commercial real estate default rates rising, naked shorts everywhere... Nothing to see here folks, nothing to see at all.

18.02.2026 01:10 — 👍 0    🔁 0    💬 0    📌 0

Cloud9 speaking up on where things stand with the W.

Wbb is having its 2019 woso moment. Stay strong, the fight continues for paying women athletes what they deserve. Women's sports financials tell the story, pay the athletes. There's no league without athletes. Pay the players!!!

18.02.2026 00:59 — 👍 1    🔁 0    💬 0    📌 0

Exactly, it's a "hey we're in Africa" FYI but doesn't actually address anything.
That's why I have so many questions. Not sure what they're telling us and why, I just know there's a clear gap nobody is taking about which is weird to me.

18.02.2026 00:50 — 👍 1    🔁 0    💬 0    📌 0

Ngl, "AI red teaming" agents are giving script kiddie vibes.

Bro, yes it's bros, you can't just wrap nmap, metasploit and a bunch of tools in a python wrapper and can that red teaming 😂😂😂.

Show me the probes and evals used, how are you tracking hallucination and model degredation? It's wild

18.02.2026 00:45 — 👍 0    🔁 0    💬 0    📌 0
Preview
Anthropic and the Government of Rwanda sign MOU for AI in health and education Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.

Anthropic's Rwanda MoU 🧐🧐🧐. This requires a fundamental shift in the training. Current models are governed by Kantian deontology through the Constitutional AI principles. African countries follow Ubuntu like virtue ethics in decision making --> Value misalignment.

www.anthropic.com/news/anthrop...

17.02.2026 18:33 — 👍 2    🔁 0    💬 1    📌 0

Um what's happening in Europe? I've been so focused on sports stuff and reading that I'm not actually sure what's happening in the world.
Without fear mongering, what's actually happening in Europe? Is there conflict brewing or just news cycles doing what they do best?

17.02.2026 13:11 — 👍 0    🔁 0    💬 0    📌 0

Sure she's co-founder of Unrivaled & plays in that league too, as well as being part of the CBA negotiations for the W. If she wants to play more, she has options to choose from.

Just let her hoop & enjoy it folks. It's a FIBA world cup year, everyone wants more on court time. It's not complicated

16.02.2026 16:24 — 👍 1    🔁 0    💬 0    📌 0

Stewie going back to play for Fenerbahça ==> wbb socials creating think pieces and starting rumours.

Imagine that, women's sports has gotten to a place where someone can pick and choose which leagues they want to play in,and people are losing their minds. The W fans are exhausting, my goodness

16.02.2026 16:14 — 👍 2    🔁 0    💬 1    📌 1

Anyway I came back to the socials just to say, Azzi Fudd is HER.

What a special player.
I don't think I've ever seen anyone like that before in wbb tbh.
The era of 2 way effective, efficient & precise players is here. She was shooting 50/50/100 at a point and the non fouling defence stats 🤯🤯🤯

16.02.2026 14:39 — 👍 7    🔁 1    💬 2    📌 0
Post image

If you've ever met a South African or seen their trolling skills, just know that national sports team are the reason behind it all.

Southies are going to support the teams in spite of the emotional rollercoasters of any match. The humour and online antics are coping mechanism tbh.

16.02.2026 14:28 — 👍 0    🔁 0    💬 0    📌 0

Someone in the women's sports supporters community pointed out that what we do is a full time job.

It's makes so much sense now why I'm so tired half the time. I've been working multiple jobs 😂😂😂

16.02.2026 14:23 — 👍 1    🔁 0    💬 0    📌 0

Anthropics latest safety report is an interesting and concerning read. What's more concerning is silence around it. Does anyone actually care about the direction of tech and the ethical and societal impact thereof? The silence is too loud. Eerily silent

16.02.2026 13:42 — 👍 1    🔁 0    💬 0    📌 0
Preview
Agent Goal Pinning, an Experiment and POC What if we applied the same theory from mobile application security to an agent ?

GM,

Finally picked up the proverbial pen again. New entry ready for all critique and feedback.

It's an experiment and POC, the repo is in the write-up.

#AISec #SecuritySky #AgentSecurity #MLSky #AppSec

matstalkstech.substack.com/p/agent-goal...

16.02.2026 11:18 — 👍 0    🔁 0    💬 0    📌 0

Next matstalkstech blog dropping today. I'll cover why you're pt1 of the Clawdbot and moltbook agent security findings since nobody seems to know when to use child_process.exec() vs .spawn() #vibecoding #AIAppSec

01.02.2026 08:49 — 👍 2    🔁 0    💬 0    📌 0

Anyway that's my full attackchain for this agent formally known as Clawdbot.

"Make it secure" is not a prompt that makes anything secure 😂😂😂.
Crypto bros & YT bros turned vibe coders -> the great grifter migration.

Blimey you're creating a mess, a legal mess for some of you.

31.01.2026 09:50 — 👍 0    🔁 0    💬 1    📌 0

If you're still looking for tools for AI Security and Safety, you've already gone down the wrong path.

The era of deterministic security ends when you add any ML or AI integration. Sure you can find an OWASP LLM Top10 scanner but knowing your tools and frameworks and when to use them is the key.

31.01.2026 09:42 — 👍 0    🔁 0    💬 1    📌 0

Used a polyvalent approach for this review.
AppSec cloud native security for non agentic stack.
ATLAS & D3FEND with a bit of ATFAA (adversarial threat framework for autonomous agents) for the agentic stack.
Old school sound software engineering practices.
We're in a probabilistic sec paradigm now

31.01.2026 09:36 — 👍 0    🔁 0    💬 1    📌 0