Nov 27, 2019
Jabaras Walkthrough
Lately I have been diving deep into learning the various security issues that comes from utilizing various development tools; this week the focus was on CI/CD pipeline. So...
Guled Abdilahi
Security engineer. Builder. Breaker.
I like finding the seams in systems: stale permissions, forgotten admin settings, noisy detections, loose workflows, and quiet misconfigurations that turn into real risk.
Then I like building the thing that makes it harder to happen again.
about.md
About
I'm Guled, a security engineer based in Atlanta.
I started as a developer, which still shapes how I approach security. I like understanding how systems are built, how they fail, and how to turn that into better tooling, better detections, better controls, and less security theater.
My work sits somewhere between breaking and building: finding weak spots, validating risk, and closing the loop with automation, detection, and practical engineering.
I'm also around the AppSec and hacker conference world through OWASP Atlanta, DEF CON, Diana Initiative, BSides, and CTF-style workshops.
This site is a place for notes, talks, experiments, and unfinished thoughts.
blog/
Blog
Notes on security engineering, SaaS security, identity, detection, automation, and the weird edges of enterprise systems.
Aug 23, 2019
Learning Serverless Security with OWASP's Serverless Goat
Earlier this week I had the please giving my first security talk at OWASP Atlanta on serverless security. Below is a copy of the slides from my presentation....
Apr 30, 2019
Serverless Security 101
Since I have been using serverless rather extensively lately, I thought it would be perfect time to share what I have been learning about security in the serverless...
Mar 8, 2019
How to stay current in AppSec
There is countless ways to keep up with what is happening within the Application Security Space. If you want to stay plugged in, I would suggest you go...
Mar 1, 2019
Welcome to my blog!
I started to this blog to share what I learn throughout my journey into all things Information Security. Please comment, share, and send me any critiques you may...
contact.txt
Contact
For security talks, workshops, collaboration, or general infosec conversation, reach out here.