raybeorn.bsky.social
Life Coach, Conspiracy Theorist, and Absurdist. I do AppSec in my non-spare time for money. My opinions are now your opinions, but at least you are now right!
42 posts 35 followers 79 following
Regular Contributor
Active Commenter

Everyone is like rip tiktok but more like rip my feed.

I am happy that appsec peeps aren’t talking about bug bounty and threat modeling all the time. I wonder what the next big buzzword is gonna be for appsec.

Design a system that is PCI/HITRUST/Whatever compliant but it is vulnerable af.

Was not a fan of compliance but now I am starting to see the merits in some cases.

Damn, it’s been a while since I’ve been on here

Join @semgrep community for a live panel on "Building a Successful Security Champions Program: What Does it Take?" with AppSec veterans Chris Romeo @edgeroute, Dustin Lehr @DustinLehr1, Devin Rudnicki, and Ray Leblanc @Raybeorn ow.ly/WngS50QBpRN #SecurityChampions #AppSec

We have done bug bounties, DevSecOps, now threat modeling. Are we secure yet?

I used to be a big believer in SCA but now I feel like we should start a crusade against it. Not all of it but most of it. How many wasted dev hours have gone into fixing pointless shit?

When are chain wallets going to be cool again? I just found my old one. I think I'm gonna wear it.

App Security architects, what KPIs do you use to show you are doing architectural work?

Want to level up your threat modelling skills? Join us for an eye-opening conversation with @Raybeorn and host @shehackspurple, on the We Hack Purple podcast! WHP: https://wehackpurple.com/podcast/episode-80-with-ray-leblanc/ #YouTube: https://youtu.be/q20AXw6gv0o Sponsored by #semgrep

I'm speaking at #ThreatModCon Oct 29th in Washington, DC, and the CALL FOR PAPERS is open! "Threat Modeling is for Everyone", CFP closes July 15th, get going! https://www.threatmodelingconnect.com/general-discussion-32/call-for-papers-threat-modeling-conference-2023-238

Just checked out the MASVS, I like the new version.

So I took the ASVS, got it down to under 50 controls. Decided whether the controls could be tested thru automation or manually. This will be the start of my API security standard.

Is the OWASP Top 10 for LLMs really valid if it wasn’t generated by LLMs?

I have arrived.