Alex Haynes is an independent security researcher with a background in Ethical Hacking. He is a former pentester and Top 10 ranked researcher on Bugcrowd and is credited for discovering vulnerabilities in products by Microsoft, AWS, IBM, Adobe, Pinterest and many more. Alex is a frequent contributor to Information security publications around the world and speaks regularly at conferences on the topics of offensive security, vulnerability management and crowdsourced security. He also runs the non-profit website Scrytap.com, a security awareness content repository for other security professionals. He is currently the CISO at IBS Software.
For the better part of fifteen years, the cybersecurity industry has rallied around a single, sometimes contentious mantra: “Shift Left.” The logic was sound: find bugs early in the development cycle when they are cheaper … Read more
For over a decade, the cybersecurity industry has been defined by a single, persistent narrative: the “talent gap.” Enterprise security leaders have long struggled with a chronic shortage of qualified professionals, focusing almost exclusively on … Read more
As Agentic AI takes off, it’s important to keep in mind a few of the risks that security professionals will have to manage. In this article I’ll break down the risks that we’ll have to … Read more
As a security researcher, the burgeoning field of AI agent-to-agent communication protocols is as interesting as it is concerning. On one hand, the prospect of autonomous AI entities collaborating seamlessly to solve complex problems is … Read more
In today’s companies, the complex technology stack and a sprawling supply chain has become one of the most challenging tasks for organizations to manage. For CISOs and other security and compliance staff, the responsibility extends … Read more
In the digital age, data is king, driving decisions, shaping experiences, and demanding robust security. However, collaboration often necessitates sharing this valuable asset, raising privacy concerns. Multi-Party Computation (MPC), a cryptographic innovation, offers a solution. … Read more
In the evolving landscape of cyber threats, the dilemma of whether or not to pay ransomware actors remains a contentious issue. As cybercriminals continue to leverage ransomware attacks to extort money from organizations, the responses … Read more
In the ever-evolving landscape of cybersecurity, traditional tools, and approaches to securing remote access, such as Virtual Private Networks (VPNs), are increasingly seen as inadequate for the complex demands of modern enterprise environments. The shift … Read more
The gravest warning a pen test report could contain are the words “The host may be vulnerable to remote code execution”. It is hard to know what that immediately means. Did they get system access … Read more
Over a decade ago, the front page of ‘the economist’ once had a nuclear mushroom cloud with the caption ‘Cyberwar: the threat from the internet’. A dramatic way to encapsulate the vision of how we … Read more
