<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Lambda Security</title><description>Research and writing on static analysis, LLMs for security, vulnerability detection, and secure software development.</description><link>https://lambdasec.github.io/</link><item><title>Towards Mostly Autonomous Software Development</title><link>https://lambdasec.github.io/Towards-Mostly-Autonomous-Software-Development/</link><guid isPermaLink="true">https://lambdasec.github.io/Towards-Mostly-Autonomous-Software-Development/</guid><description>Almost exactly a year ago, I wrote about how coding assistants were changing software development. At the time, Claude Sonnet 3.5 was the SOTA coding model, and we were witnessing the early signs of a</description><pubDate>Thu, 25 Dec 2025 00:00:00 GMT</pubDate></item><item><title>Autogrep: Automated Generation and Filtering of Semgrep Rules from Vulnerability Patches</title><link>https://lambdasec.github.io/AutoGrep-Automated-Generation-and-Filtering-of-Semgrep-Rules-from-Vulnerability-Patches/</link><guid isPermaLink="true">https://lambdasec.github.io/AutoGrep-Automated-Generation-and-Filtering-of-Semgrep-Rules-from-Vulnerability-Patches/</guid><description>Static Analysis Security Testing (SAST) tools are essential for modern secure software development, yet the maintenance and creation of high-quality detection rules remain challenging and resource-int</description><pubDate>Mon, 24 Feb 2025 00:00:00 GMT</pubDate></item><item><title>Sparks of Digital Immortality with meraGPT</title><link>https://lambdasec.github.io/Sparks-of-Digital-Immortality-with-meraGPT/</link><guid isPermaLink="true">https://lambdasec.github.io/Sparks-of-Digital-Immortality-with-meraGPT/</guid><description>In an era where our digital footprints are as expansive as the internet itself, the concept of digital immortality is not just science fiction but a burgeoning reality. 
The introduction of meraGPT, t</description><pubDate>Mon, 15 Apr 2024 00:00:00 GMT</pubDate></item><item><title>AutoFix: Automated Vulnerability Remediation using Static Analysis and LLMs</title><link>https://lambdasec.github.io/AutoFix-Automated-Vulnerability-Remediation-using-Static-Analysis-and-LLMs/</link><guid isPermaLink="true">https://lambdasec.github.io/AutoFix-Automated-Vulnerability-Remediation-using-Static-Analysis-and-LLMs/</guid><description>In the rapidly evolving world of software development, security remains a paramount concern. With the increasing complexity of applications and the ever-present threat of cyber attacks, developers and</description><pubDate>Tue, 12 Dec 2023 00:00:00 GMT</pubDate></item><item><title>When the going gets tough: Understanding the challenges with Product commoditization in SCA</title><link>https://lambdasec.github.io/When-the-going-gets-tough-Understanding-the-challenges-with-Product-commoditization-in-SCA/</link><guid isPermaLink="true">https://lambdasec.github.io/When-the-going-gets-tough-Understanding-the-challenges-with-Product-commoditization-in-SCA/</guid><description>Recently, I have been thinking a lot about product commoditization and how it affects the software composition analysis (SCA) tools market. If you have been living under a rock and have never heard of</description><pubDate>Fri, 14 Jun 2019 00:00:00 GMT</pubDate></item><item><title>The Most In-Demand Programming Languages of 2018</title><link>https://lambdasec.github.io/The-Most-In-Demand-Programming-Languages-of-2018/</link><guid isPermaLink="true">https://lambdasec.github.io/The-Most-In-Demand-Programming-Languages-of-2018/</guid><description>We saw several new programming languages like Kotlin, Rust, and Go lang come into prominence this year. 
In this article, we take a look at what 2018 has in store when it comes to programming language</description><pubDate>Fri, 29 Dec 2017 00:00:00 GMT</pubDate></item><item><title>Cyber Wars in 2018</title><link>https://lambdasec.github.io/Cyber-Wars-in-2018/</link><guid isPermaLink="true">https://lambdasec.github.io/Cyber-Wars-in-2018/</guid><description>This year we saw a number of cyber attacks like WannaCry and Petya aimed at causing disruptions and damage to organizations and nations. In this article, we take a look at what is in store for us in 2018</description><pubDate>Thu, 21 Dec 2017 00:00:00 GMT</pubDate></item><item><title>Is the World Ready for the New Generation of Self-Propagating Ransomware?</title><link>https://lambdasec.github.io/Is-the-World-Ready-for-the-New-Generation-of-Self-Propagating-Ransomware/</link><guid isPermaLink="true">https://lambdasec.github.io/Is-the-World-Ready-for-the-New-Generation-of-Self-Propagating-Ransomware/</guid><description>Self-propagating threats such as WannaCry and Petya were only the tips of the iceberg. The success hackers enjoyed with WannaCry and Petya makes it quite likely others will try to replicate the tactic</description><pubDate>Wed, 13 Dec 2017 00:00:00 GMT</pubDate></item><item><title>The Impact of DevOps on Application Performance Management</title><link>https://lambdasec.github.io/The-Impact-of-DevOps-On-Application-Performance-Management/</link><guid isPermaLink="true">https://lambdasec.github.io/The-Impact-of-DevOps-On-Application-Performance-Management/</guid><description>Application Performance Management or APM refers to the practice of monitoring the performance of your code, application, runtimes, and overall user experience. 
In this article, we will talk about how </description><pubDate>Thu, 07 Dec 2017 00:00:00 GMT</pubDate></item><item><title>What are the top 3 free security tools that every infosec professional should use?</title><link>https://lambdasec.github.io/What-are-the-top-3-free-security-tools-that-every-infosec-professional-should-use/</link><guid isPermaLink="true">https://lambdasec.github.io/What-are-the-top-3-free-security-tools-that-every-infosec-professional-should-use/</guid><description>There are several free tools that a security engineer may use as part of their arsenal but the following three are quite essential.</description><pubDate>Wed, 22 Nov 2017 00:00:00 GMT</pubDate></item><item><title>Companies Lax on Open Source Risk</title><link>https://lambdasec.github.io/Companies-Lax-on-Open-Source-Risk/</link><guid isPermaLink="true">https://lambdasec.github.io/Companies-Lax-on-Open-Source-Risk/</guid><description>Recently, a survey done on open source risk found that enterprises are not proactive in managing and securing the use of open source. Almost 40% of respondents said that no one in their company was respo</description><pubDate>Sun, 12 Nov 2017 00:00:00 GMT</pubDate></item><item><title>5 Steps Towards GDPR Compliance</title><link>https://lambdasec.github.io/5-Steps-Towards-GDPR-Compliance/</link><guid isPermaLink="true">https://lambdasec.github.io/5-Steps-Towards-GDPR-Compliance/</guid><description>On 25th May 2018 the EU General Data Protection Regulation (GDPR) will become enforceable. It will change how businesses and public sector organizations can handle information of customers and users. 
</description><pubDate>Mon, 18 Sep 2017 00:00:00 GMT</pubDate></item><item><title>Protecting Spring Boot Apps with Botwall4J</title><link>https://lambdasec.github.io/Protecting-Spring-Boot-Apps-with-Botwall4J/</link><guid isPermaLink="true">https://lambdasec.github.io/Protecting-Spring-Boot-Apps-with-Botwall4J/</guid><description>Botwall4J is an open-source library that can help protect Java web applications from bots, content scrapers and automated account hijacking attempts. In this article, we will see how simple it is to i</description><pubDate>Sat, 25 Mar 2017 00:00:00 GMT</pubDate></item><item><title>Continuous fuzzing of Java projects with GramTest</title><link>https://lambdasec.github.io/Fuzzing-Java-Libraries-with-GramTest/</link><guid isPermaLink="true">https://lambdasec.github.io/Fuzzing-Java-Libraries-with-GramTest/</guid><description>GramTest is a Java-based tool that allows you to generate random test cases based on BNF grammars. It is an open-source project and can be downloaded from GitHub. In this article, we will see how you</description><pubDate>Fri, 24 Mar 2017 00:00:00 GMT</pubDate></item><item><title>Lambda Security is up and running!</title><link>https://lambdasec.github.io/Lambda-Security/</link><guid isPermaLink="true">https://lambdasec.github.io/Lambda-Security/</guid><description>I have always been interested in the interplay between programming languages and software security. In particular, isn&apos;t it nice that there is a class of vulnerabilities that can be eliminated by desig</description><pubDate>Sun, 08 Jan 2017 00:00:00 GMT</pubDate></item></channel></rss>