AI Security & Automation

Write something

Pinned

1d •

Hello and sorry for not posting for a while. It's been a busy few weeks. We are onboarding huge client to our SOC, transitioning from Qradar to Microsoft Sentinel and it's been a lot of work. It kept me busy and I also wanted to change the structure of our community. So what is new? :) - New Introduction - Lab setup updated with completely new training lab - Challenges with goals and milestones (7 day, 28 days, 91 days challenges) The last part is very important the content is structured based on your goals and it should be easier to navigate. Here is short break down: - Everyone starts the same way - creating an AI Cybersecurity Lab - 7 day challenge - Path I = Break into Cybersecurity - great for people trying to get first job in cybersecurity - Path II = AI for SOC Analyst - great for people, who work as cybersecurity analyst and strive for promotion - Path III = AI Agents for Cybersecurity - the end game path, where you learn advanced integrations. If you are aiming for positions such as Manager, AI Security Engineer, AI Security Architect you will greatly benefit from these. Full disclaimer, Path I is not complete. It's missing hands on lectures. It will be added later, but you can find a lot of useful free resources in there and I have added some lectures for offensive security. Also every path has a challenge tracker. You can make a copy to track your progress day by day. I'm also considering doing some weekly calls, where we discuss news, integrations with AI, new attacks, career advice, answering questions, what are we working on and so on. It can have many different shapes and I would love to know your opinion. I will make a poll in the next post. Thank you for being here, your support is very appreciated.

Pavel Hrabec

9h •

💬 General Chat

Azure Sign In Investigation

Yesterday, I have shared on LinkedIn, how you can investigate user's sign in history. I will share a link to KQL query, which will tell you - What IP addresses user used in the past 7 days - If he signed from them in the past 90 days - Did he sign from the country? Was device managed? If you are investigating user's activity, it's a great first check you can do and very useful for AI agents during incident response. https://github.com/Pavel-Hrabec/KQL-Queries/blob/main/Sign-In%20Login%20History

Pavel Hrabec

10d •

🚨 News & Updates

📅 Weekly Security Briefing — May 11–17, 2026

One thing is becoming increasingly clear: the impact of frontier AI models like ChatGPT 5.5 and Claude Mythos is now reshaping cybersecurity at every level. This cycle highlights one of Microsoft’s largest Patch Tuesdays ever, renewed concerns around AI-powered operating system features and the growing pressure on defenders to adapt to machine-speed threats. 🚨 Microsoft Patch Tuesday Fixes 167 Flaws & 2 Zero-Days What happened: Microsoft released one of its largest updates ever, fixing 167 vulnerabilities, including two zero-days — one actively exploited in the wild. The most critical is CVE-2026-32201, a SharePoint spoofing flaw that allows attackers to manipulate data and access sensitive information. 🔗 https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/ 📂 13.5 Million McGraw Hill Accounts Leaked in Data Breach What happened: The ShinyHunters group leaked data from 13.5 million McGraw Hill users, reportedly due to a Salesforce misconfiguration. The breach exposed personal data and highlights ongoing risks tied to SaaS misconfigurations and weak cloud access controls. 🔗 https://www.bleepingcomputer.com/news/security/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts/ 🤖 Frontier AI Models Raise Concerns Over Offensive Capabilities What happened: Policymakers and researchers are raising concerns over increasingly powerful AI systems capable of autonomous vulnerability discovery and exploit chaining. Discussions are underway around leveraging these capabilities defensively, while limiting misuse as models become dramatically more capable. 🔗 https://datainnovation.org/2026/04/federal-government-should-partner-with-frontier-ai-labs-on-cybersecurity-defense/

Pavel Hrabec

27d •

🚨 News & Updates

ChatGPT 5.5 > Claude Mythos

You can access chatGPT 5.5 today. It looks like the most powerfull AI model for CyberSecurity yet. Even better than Claude Mythos. GPT-5.5 completed TLO end-to-end in 2 of 10 attempts, making it the second model to do so. Mythos Preview, the first model to solve TLO, did so in 3 of 10 attempts. https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5-5-cyber-capabilities On the Expert-level tasks, GPT-5.5 achieves an average pass rate of 71.4% (±8.0%, 1 standard error of the mean), compared to 68.6% (±8.7%) for Mythos Preview, 52.4% (±9.8%) for GPT-5.4, and 48.6% (±10.0%) for Opus 4.7. On this measure, GPT-5.5 may be the strongest model we have tested.