Blog
AI, security, data en publieke digitale transformatie.
Van prompt filter naar control plane — waarom de OWASP Agentic Top 10 alles verandert voor AI-governance
De nieuwe OWASP AIUC-1 crosswalk maakt één ding glashelder: agentic AI security draait niet om prompt injection filters, maar om een harde control plane met identiteit, privileges, tools, memory, runtime, supply chain en cost containment.
AI SecurityContainment analysis, and mitigation of the “Shai Hulud” supply chain malware campaign
1. Summary This advisory constitutes a analysis of the “Shai Hulud” malware campaign, a sophisticated, self-replicating supply chain attack targeting the JavaScript/TypeScript (NPM) ecosys
AI SecurityFrom myth to practice security engineering code security and SDLC for modern software teams
Summary The domain of security engineering is currently undergoing a structural transformation of a magnitude not seen since the transition from perimeter-based security to cloud-native architectures.
AI SecurityAI-Orchestrated Cyber-Espionage Campaigns
I. The Agentic Threat Inflection Point This report analyzes a fundamental and irreversible transformation in the cybersecurity landscape, crystallized by the public disclosure of the GTG-1002 incident
AI SecurityInfographic AI-Orchestrated Cyber-Espionage
AI-Orchestrated Cyber-Espionage Analysis Reverse Engineering AI-Orchestrated Cyber-Espionage An interactive analysis of AI-powered attack techniques and strategic defense recommendations for modern se
AI SecurityM365 Copilot attack surface
M365 Copilot Attack Surface M365 Copilot Attack Surface Summary Attack Chain Detections Governance Methodology Executive Summary This application provides an interactive analysis of the Microsoft 365
AI SecurityThe Microsoft 365 Co-pilot attack surface.
An Investigation into CompanyXYZGPT Enterprise Threats A New Class of Enterprise Risk for every company rushing into FOMO CompanyXYZGPT. The introduction of Microsoft 365 Copilot represents more than
AI SecurityThe 2025 security operations
Deel I: Roadmap 1.1. Van het beveiligen van infrastructuur naar het besturen van intelligentie De kern van cyberbeveiliging ondergaat in 2025 een fundamentele transformatie. De focus verschuift van he
AI SecurityBeveiligingsanalyse van het MCP-ecosysteem
by Dennis Landman Agentic Engineer & AI & Cybersecurity Specialist Deze analyse is een vervolg op eerdere analyses van MCP:1. Security en privacy risico’s van Model Context Protocol (MCP).R
AI SecurityNavigating the Zero Trust paradox against advanced cloud threats
The imperative to evolve beyond baseline Zero Trust Purpose This report presents a strategic assessment of the enterprise’s cybersecurity posture in the face of a new and highly destructive para
AI SecurityThe agentic threat.
The Agentic Threat: A Strategic Risk Assessment and Mitigation Framework for Enterprise AI Enterprise AI has entered a new era: the rise of autonomous, agentic AI systems. Unlike traditional LLMs, the
AI SecurityForensic reconstruction and semanticdefense blueprint of EchoLeak (CVE-2025-32711)
Executive Summary & Threat Analysis The EchoLeak Vulnerability (CVE-2025-32711) This report provides a comprehensive forensic analysis and architectural redesign in response to the critical zero-c
AI SecurityFrom echoLeak to architectures of trust a secure AI integration blueprint.
1. Executive Summary The proliferation of Large Language Model (LLM) assistants within European public sector organizations presents a paradigm shift in operational efficiency and service delivery. Ho
AI SecurityEffectiviteit en implementatie van een ransomware losgeldverbod in Nederland
by Djimit Executieve Samenvatting Dit rapport presenteert een strategische analyse van de haalbaarheid, effectiviteit en implementatie van een verbod op losgeldbetalingen voor ransomware in Nederland.
AI SecurityInfographic ransomware beleidsanalyse
Analyse Ransomware Losgeldverbod Ransomware Beleidsanalyse Dashboard Internationaal Strategie Tijdlijn DashboardInternationaalStrategieTijdlijn Analyse Losgeldverbod Ransomware Een interactieve verken
AI SecurityLLM Security Framework
Interactive LLM Security & Governance Framework LLM Security Framework Threats Defenses Architecture Governance A Framework for LLM Threat Modeling & Security This interactive application sy
AI SecurityA CISO’s Blueprint for Navigating the New Threat Landscape
AI Security & Governance Infographic Enterprise AI Security & Governance A CISO’s Blueprint for Navigating the New Threat Landscape The Dual Threat: External Attacks & Internal Ri
AI SecurityStrategic Roadmap for AI-Driven Cyber Resilience
SOC 2030: Industry Trends & Market Research The Security Operations Center of 2030 A Strategic Roadmap for AI-Driven Cyber Resilience: Industry Trends & Market Research The Evolving Threat L
AI SecurityThe Security Operations Center of 2030
A Strategic Roadmap for AI-Driven Cyber Resilience by Djimit Executive Summary The Security Operations Center (SOC) of 2030 is poised for a profound transformation, evolving from a reactive, human-int
AI SecurityEen analyse van opkomende communicatieprotocollen voor multi-agent AI systemen MCP, A2A, ACP en ANP
by Djimit Samenvatting De snelle opkomst van multi-agent AI-systemen (MAS) introduceert complexe uitdagingen op het gebied van communicatie en interoperabiliteit. Ad-hoc integraties volstaan niet lang
AI SecurityClaude desktop integreren met MCP o.a. LMStudio en Ollama.
door Dennis Landman IT Consultant | AI & Cybersecurity Specialist | Innovator in Digital Transformation Het Model Context Protocol (MCP) is een veelbelovend open-source protocol dat de interactie
AI SecurityMCP en sequential thinking! Een oplossing voor complexe probleemoplossing
Een analyse van Model Context Protocol en Sequential Thinking: hoe deze methodologie AI-systemen transparanter, betrouwbaarder en effectiever maakt voor Nederlandse organisaties.
AI SecurityKabinet presenteert de Nederlandse cybersecuritystrategie (NLCS) 2022-2028.
Kabinet presenteert de Nederlandse cybersecuritystrategie (NLCS) 2022-2028 10 okt 2022 Namens het kabinet presenteert minister Yeşilgöz-Zegerius (Justitie en Veiligheid), samen met minister Adriaansen
AI SecurityAnalyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082.
October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on
AI SecurityCustomer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server.
Microsoft is investigating two reported zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The first vulnerability, identified as CVE-2022-41040, is a Server-Side Reque
AI SecurityIntroducing the Microsoft Defender for Office 365 Security Operations Guide.
Today, we’re pleased to announce the release of the Microsoft Defender for Office 365 Security Operations Guide. Security operations (SecOps) teams continuously perform tasks to provide a high-
AI SecurityGoogle Cloud Security Overview.
When you think about Cloud Security there are many areas of responsibility – securing infrastructure, network, data, applications, and managing identities and access. There are also ongoing proc
AI SecuritySoftware Security in Supply Chains: Software Bill of Materials (SBOM)
Section 10(j) of EO 14028 defines an SBOM as a “formal record containing the details and supply chain relationships of various components used in building software,[1]” similar to food ingredient labe
AI SecuritySecurity Certification Roadmap – Paul Jerimy Media
IT Security Certification Roadmap charting security implementation, architecture, management, analysis, offensive, and defensive operation certifications. — Lees op pauljerimy.com/security-certificati
AI Security4 best practices to implement a comprehensive Zero Trust security approach – Microsoft Security Blog
4 best practices to implement a comprehensive Zero Trust security approach – Microsoft Security Blog — Lees op www.microsoft.com/security/blog/2022/02/17/4-best-practices-to-implement-a-comprehe
AI SecurityReferentiearchitectuur voor Microsoft Cyberbeveiliging
Gedetailleerde technische referentiearchitectuur voor cyberbeveiliging in meerdere cloudomgevingen, waaronder microsoft- en platforms van derden — Lees op docs.microsoft.com/nl-nl/security/cybersecuri
AI Security2021 Trends Show Increased Globalized Threat of Ransomware
In 2021, cybersecurity authorities in the United States,[1][2][3] Australia,[4] and the United Kingdom[5] observed an increase in sophisticated, high-impact ransomware incidents against critical infra
AI SecurityTop 10 Cyber Attack Maps to See Digital Threats For 2022
Top 10 Cyber Attack Maps to See Digital Threats For 2022 — Lees op cybersecuritynews-com.cdn.ampproject.org/c/s/cybersecuritynews.com/cyber-attack-maps/
AI SecurityUK government plans to release Nmap scripts for finding vulnerabilities – The Record by Recorded Future
The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground. — Lees op therecord.media/wp-content/themes/the
AI SecurityHow to test if your Linux server is vulnerable to Log4j.
I tested this script against a server that I knew had a vulnerable Log4j package installed, and it correctly tagged it. Here’s how you can run that same script on your Linux servers to find out
AI SecurityLog4j | Nationaal Cyber Security Centrum
Er is een ernstige kwetsbaarheid gevonden in Apache Log4j. Dit is software die veel gebruikt wordt in webapplicaties en allerlei andere systemen. Het NCSC waarschuwt voor potentieel grote schade en&nb
AI SecurityCritical RCE Vulnerability: log4j – CVE-2021-44228
Our team is currently investigating CVE-2021-44228, a critical vulnerability that’s affecting a Java logging package. — Lees op www.huntress.com/blog/rapid-response-critical-rce-vulnerability-is-affec
AI SecurityHow to investigate service provider trust chains in the cloud – Microsoft Security Blog
How to investigate service provider trust chains in the cloud Detection and Response Team (DART) Azure Red Team — Lees op www.microsoft.com/security/blog/2021/11/22/how-to-investigate-service-provider
AI SecurityOverview of the Azure Security Benchmark v3
The Azure Security Benchmark (ASB) provides prescriptive best practices and recommendations to help improve the security of workloads, data, and services on Azure. — Lees op docs.microsoft.com/en-us/s
AI SecurityAIVD en MIVD delen 7 momenten om een cyberaanval te stoppen.
De 7 fasen van een cyberaanval Reconnaissance-fase: de aanvallers zoeken zwakke plekken in de organisatie. Weaponization-fase: de aanvallers ontwikkelen malware om deze zwakke plekken te misbruiken. D
AI SecurityWelke cyberdreiging ziet de AIVD en wat kan je doen om je te beschermen tegen cyberaanvallen? – Weerbare Digitale Overheid
Welke cyberdreiging ziet de AIVD en wat kan je doen om je te beschermen tegen cyberaanvallen? – Weerbare Digitale Overheid — Lees op www.weerbaredigitaleoverheid.nl/programmaonderdelen/sessie/98
AI SecurityNew Attack Let Attacker Collect and Spoof Browser’s Digital Fingerprints
A “potentially devastating and hard-to-detect threat” could be abused by attackers to collect users’ browser fingerprinting information with the goal of spoofing the victims without
AI SecurityA guide to combatting human-operated ransomware: Part 1 – Microsoft Security Blog
Microsoft’s Detection and Response Team (DART) has helped customers of all sizes, across many industries and regions, investigate and remediate human-operated ransomware for over five years. This blog
AI SecurityMicrosoft Cybersecurity Reference Architecture.
Looking for an overall Cybersecurity Reference Architecture? Microsoft has released a video with Shawn Anderson and I walking through each step of the Microsoft Cybersecurity Reference Architecture (M
AI SecurityMicrosoft Digital Defense Report – Microsoft Security
This report encompasses learnings from security experts, practitioners, and defenders at Microsoft to empower people everywhere to defend against cyberthreats. — Lees op www.microsoft.com/en-us/securi
AI SecurityRansomware Group FIN12 Aggressively Going After Healthcare Targets
Russian-language ransomware attackers FIN12 are targeting the healthcare industry aggressively. — Lees op thehackernews.com/2021/10/ransomware-group-fin12-aggressively.html
AI SecurityWindows 11 Security baseline – Microsoft Tech Community
We are pleased to announce the release of the security baseline package for Windows 11! Please download the content from the Microsoft Security Compliance — Lees op techcommunity.microsoft.com/t5/micr
AI SecurityMicrosoft Cybersecurity Reference Architectures – Security documentation | Microsoft Docs
Gedetailleerde technische referentiearchitecten voor cyberbeveiliging in meerdere cloudomgevingen, waaronder platforms van Microsoft en derden — Lees op docs.microsoft.com/nl-nl/security/cybersecurity
AI SecurityHow to Augment Your SIEM for Cybersecurity at Cloud Scale – The Databricks Blog
Learn why the combination of SIEM and the Databricks Lakehouse is becoming the new strategy for security operations teams. — Lees op databricks.com/blog/2021/07/23/augment-your-siem-for-cybersecurity-
AI SecurityCybersecuritybeeld Nederland 2021 | Publicatie | Nationaal Coördinator Terrorismebestrijding en Veiligheid
Het Cybersecuritybeeld Nederland 2021 (CSBN 2021) biedt inzicht in de digitale dreiging en de belangen die daardoor kunnen worden aangetast. Het gaat ook in op de weerbaarheid tegen de digitale d
AI SecurityConnect Windows security event data to Azure Sentinel (tabbed version) | Microsoft Docs
Learn to use the Windows Security Events connector to stream all security events from your Windows systems to your Azure Sentinel workspace. — Lees op docs.microsoft.com/en-us/azure/sentinel/con
AI SecurityHuman-operated ransomware
Learn about how to protect your organization from human-operated ransomware. — Lees op docs.microsoft.com/en-us/security/compass/human-operated-ransomware
AI SecurityWhat is the Greatest Threat of AI based Systems?
RESULT https://6b.eleuther.ai What is the Greatest Threat of AI based Systems ? So, you have seen recent news headlines about this great threat posed by AI. In fact, most of the press today is focused
AI SecurityInvestigating Cerber Ransomware with Splunk | TryHackMe – YouTube
In this video walkthrough, we covered how to investigate the Cerber Ransomware and find its related artifacts in Windows machines. #splunk #ransomware R… — Lees op m.youtube.com/watch
AI SecurityCyber Security Analysis – Beginner’s Guide to Processing Security Logs in Python.
This is the last installment of the series of articles on the RAPIDS ecosystem with this being the ninth installment. The series explores and discusses various… — Lees op developer.nvidia.com/blog/cyb
AI SecurityZero Trust Reference Architecture
Zero Trust (ZT) is a cybersecurity strategy and framework that embeds security throughout the architecture to prevent malicious personas from accessing our most critical assets. It provides zones for
AI SecurityMicrosoft Cybersecurity Reference Architectures – Security documentation
The Microsoft Cybersecurity Reference Architectures (MCRA) describe Microsoft’s cybersecurity capabilities. The diagrams describe how Microsoft security capabilities integrate with Microsoft platforms
AI SecurityHuman Operated Ransomware | Microsoft Docs
Human operated ransomware is a large and growing attack trend that represents a threat to most industries. Human operated ransomware is different than commodity ransomware. These “hands-on-keyboard” a
AI SecurityMicrosoft Security Best Practices | Microsoft Docs
Microsoft Security Best Practices (formerly known as the Azure Security Compass or Microsoft Security Compass) is a collection of best practices that provide clear actionable guidance for security rel
AI SecurityAre Multilingual Language Models Fragile? IBM Adversarial Attack Strategies Cut MBERT QA Performance by 85% | Synced
MBERT is more susceptible to attacks compared to BERT. MBERT gives priority to finding the answer in certain languages, causing successful attacks even when the adversarial statement is in a different
AI SecuritySecure containerized environments with updated threat matrix for Kubernetes – Microsoft Security
Secure containerized environments with updated threat matrix for Kubernetes – Microsoft Security — Lees op www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updat
AI Security