Archive

2026  27

June  2

Cryptography Guide for Practical Security Professionals

June 16, 2026 · 15 min · 3119 words

From a Security Development Spec for Small LLMs to Regression Tests and Fuzzing Validation

June 8, 2026 · 26 min · 5449 words

May  10

A Critical Reading of Structural Ethics in Cybersecurity Policy: Korea’s 2025 Whole-of-Government Information Protection Plan

May 24, 2026 · 15 min · 2991 words

The Moment AI Truly Becomes New: Not When It Finds the Answer, but When It Rewrites the Problem

May 24, 2026 · 19 min · 3933 words

The Real Battleground of National AI Strategy Is Not Just GPU Count

May 24, 2026 · 11 min · 2212 words

An Audit Workflow Survives Only When It Absorbs Misses — Eight Reinforcements to sec-audit-static v2.0

May 19, 2026 · 14 min · 2926 words

Security Controls Aren’t Lacking — They’re Inconvenient: Why Security Needs Customer Context

May 11, 2026 · 13 min · 2671 words

Can the Market Move Governance?

May 7, 2026 · 6 min · 1085 words

MCP Is Repeating the History of RPC Security

May 7, 2026 · 5 min · 895 words

How Do We Measure Adaptive Capability?

May 4, 2026 · 6 min · 1073 words

Supply Chain Security Does Not End with SBOM: Governing AI Development Tools and Automation Connections

May 2, 2026 · 8 min · 1685 words

Security Assessment Becomes a Development Process, Not an Outsourced Event

May 1, 2026 · 10 min · 1927 words

April  9

The AI Slop Paradox: Why Triage Gets Harder When Vulnerabilities Get Easier to Find

April 30, 2026 · 7 min · 1480 words

Why Korean Security Governance Does Not Change

April 30, 2026 · 7 min · 1352 words

Beyond CVE Response: AI-Era Vulnerabilities Move Before They Get Numbers

April 29, 2026 · 7 min · 1451 words

Korean Security Governance Is Accelerating in the Wrong Direction in the AI Era

April 26, 2026 · 12 min · 2436 words

After the Code, the Structure Remains

April 21, 2026 · 5 min · 1052 words

Why Security Knowledge Transfer Fails — and What to Design Instead

April 21, 2026 · 25 min · 5279 words

How I Turned 228 Endpoints into 5 Clusters

April 15, 2026 · 17 min · 3431 words

Why Account Takeover Never Ends — Dismantling the ATO Supply Chain

April 7, 2026 · 6 min · 1088 words

Structure Builders Will Outlast Vulnerability Finders

April 2, 2026 · 8 min · 1641 words

March  3

The CAPTCHA That Became a Free Automatic Door for Hackers — A Bypass PoC and Defense Strategy

March 30, 2026 · 28 min · 5849 words

Security Diagnostics Reports Die Upon Publication

March 17, 2026 · 6 min · 1209 words

WAF/IPS/IDS Detection Gap Analysis and Remediation Direction

March 13, 2026 · 45 min · 9553 words

February  1

Contracts vs Security Governance — Contracts Enforce. Governance Decides.

February 13, 2026 · 4 min · 784 words

January  2

eIDAS 2.0 vs. Korea’s Digital Identity System: A Comparative Analysis

January 19, 2026 · 8 min · 1657 words

Amadey Malware: A Comparative Study of Static Detection vs Memory-Based Detection

January 7, 2026 · 11 min · 2310 words

2025  20

December  2

The Visibility Principle: How Internal Vulnerability Visibility Shapes Remediation Behavior

December 29, 2025 · 6 min · 1080 words

Attack Surface Management in 2025: Why Continuous Visibility is Essential

December 22, 2025 · 11 min · 2330 words

June  3

The Gap Between CISO Strategy and Execution: The WAF Debate and Field Leadership Report

June 30, 2025 · 13 min · 2756 words

The Limitations of ‘Secure’ SSRF Patches: Advanced Bypasses and Defense-in-Depth

June 25, 2025 · 20 min · 4260 words

Exception Serialization Patterns in OpenStack Nova: Theoretical RCE Risks and Lessons Learned

June 10, 2025 · 8 min · 1615 words

May  5

Endpoint Security Evasion (2020–2025): From EDR Bypass to EDR Kill

May 28, 2025 · 33 min · 6841 words

SPOF in Cybersecurity: From History to Strategy, a Graph-Based Analysis

May 15, 2025 · 5 min · 1018 words

Dicer Module Vulnerability Mitigation Guide: CVE-2022-24434

May 12, 2025 · 2 min · 343 words

How I Managed Unmaintained Open Source with Gmail and Snyk Alerts

May 12, 2025 · 5 min · 1049 words

Human Insight and Artificial Intelligence: Dialogue at an Impossible Crossroads

May 7, 2025 · 5 min · 981 words

April  8

Detection Frameworks and Latest Methodologies for eBPF-Based Backdoors

April 28, 2025 · 14 min · 2960 words

In-Depth Report on Telecommunication Security: SKT Breach and Global Case Studies

April 28, 2025 · 5 min · 864 words

CVE-2019-17570 Apache XML-RPC Vulnerability Analysis Report

April 24, 2025 · 2 min · 360 words

Is Your Data in the Cat’s Paws?

April 21, 2025 · 6 min · 1156 words

There’s No Such Thing as a Free Lunch, But Security Was Free

April 17, 2025 · 3 min · 478 words

In the AI Era, Employees Are Isolated and Organizations Thrive

April 7, 2025 · 2 min · 317 words

The Place of Humans: Declaring the Creator’s Rights in the Age of AI

April 3, 2025 · 3 min · 454 words · windshock

Common Security Myths Developers Tell Themselves

April 1, 2025 · 3 min · 507 words

March  2

How to Block ECH and Mitigate DoH in Enterprise Networks

March 31, 2025 · 3 min · 468 words

XML-RPC Security Vulnerabilities Analysis and Mitigation Strategies

March 28, 2025 · 4 min · 692 words

2024  4

November  1

Review of Citrix Security Policy Effectiveness

November 5, 2024 · 3 min · 469 words

June  2

KPIs Can Cause Incidents!!!

June 20, 2024 · 2 min · 402 words

Common Misconceptions of Security Assessors

June 16, 2024 · 3 min · 550 words

May  1

Can Development Culture Influence Security Levels?

May 22, 2024 · 5 min · 952 words

2023  2

April  2

Bypassing citrix policy is not a vulnerability, but it can be a violation of the law

April 27, 2023 · 5 min · 989 words

Strengthening cybersecurity through government ngos and bug bounty programs

April 18, 2023 · 3 min · 563 words

2019  2

September  1

Security threats and mitigation strategies for java reflection

September 3, 2019 · 5 min · 1055 words

August  1

About the XSSAudit

August 8, 2019 · 2 min · 336 words