Utku Şen: Can Engineers Stage a Coup and Take Over Their Company? Insider threat is always an important topic in cybersecurity. We often focus on one or a few engineers stealing data and trying to bribe… (Jul 22)
Utku Şen: Determine the Real Impact of a Security Breach Using the “So What?” Technique. Back in 2010, during my university days in Istanbul, I had an English teacher who was an ex-US military officer. His classes were not just… (Jun 20)
Utku Şen: Spotify Should Implement a Donation Feature to Save Mid-Tier Musicians. As an amateur musician with a monthly listener count of around 3,000 on Spotify, I’ve come to accept that I won’t be making any significant… (Apr 17)
Utku Şen: Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager). Bug bounty has been a hot topic in security for many years. While some may think it’s over-hyped, I believe it’s even underrated. Many… (Jan 10)
Utku Şen: Could Socratic Dialogue Evolve into a Hacking Technique for AI Systems? In ancient Greece, Socrates became famous for his unique way of engaging in discussion. He used a method where he would ask a series of… (Nov 2, 2023)
Utku Şen: Prompt Injection: How to Prevent It or Should We Prevent It? As a traditional application security engineer, I’m trying to adapt myself to the AI mayhem. This post covers my thoughts about prompt… (Jul 6, 2023)
Utku Şen: The State of CSRF Vulnerability in 2022. CSRF (Cross-Site Request Forgery) vulnerabilities have been with us since the beginning of the web. However, things have changed significantly since… (Jun 12, 2022)
Utku Şen: A Security Vulnerability That Could Leak the Health Information of Hundreds of Thousands of Citizens, and the Process I Went Through. Summary: At one of our country's large hospital chains (code name: Sıhhat Bahçesi), the test/procedure results of all patients could be leaked through a… (Oct 8, 2021)
Utku Şen: Cybersecurity Industry Salary Survey (2021). I repeated the salary survey I ran around this time last year. Unlike last year, this year the employing organization's… (Sep 24, 2021)
Utku Şen: A State-Backed Mandatory Bug Bounty System for Preventing Data Leaks. Over the past year we have been heavily exposed to personal data leaks. Data can leak when large companies are hacked, as well as from large and small… (Jun 5, 2021)