Extracting the signal from the noise in information security research is difficult. In Q3 2024, we tracked over 4000 talks and papers, and almost 1500 security blog posts. From that pile, we've selected 19 pieces of work that we feel deserve attention. This quarters talks fall roughly into three groups: edge cases at internet-scale having big impacts, going above and beyond, and what goes on beyond the curtain can still be dangerous.
Copyright © Thinkst Applied Research. All Rights Reserved.
Get notified whenever a new ThinkstScapes is released.
We won’t spam you in any way. We Promise!
In this quarterly issue the themes we cover include: AI/ml (in)security, whole system analysis, new modalities of attack, and old components showing the strain.
In this quarterly issue the themes we cover include: revealing more than anticipated, taking another look with a fresh perspective, and turning Windows into doors..
In this quarterly issue the themes we cover include: LLMs ain't making life any easier, problems in well-trodden areas, and reflecting on our efforts.
In this quarterly issue the themes we cover include: cryptography still isn't easy, continued attack of the side-channels, and composition is hard in the cloud.
In this quarterly issue the themes we cover include: privacy in the modern era, embedded [in]security, and issues at the operating system level.
In this quarterly issue the themes we cover include: modern techniques for modern systems, new attacks and new defences, and stepping back to gain perspective.
In this quarterly issue the themes we cover include: signature validation at scale, post-exploitation in the modern world, and forgotten legacy in today's systems.
In this quarterly issue the themes we cover include: AI/ML boosted side-channels, clever cryptography and software analysis at scale.
In this quarterly issue the themes we cover include: Security of networks - modern and legacy, Languages and their ecosystems, and Deep dives into deep places.
In this quarterly issue the themes we cover include: Low-level, but high-privilege bug hunting, Confidential computing for the masses, and Machine learning is here to help, or not.
In this quarterly issue the themes we cover include, Making Servers (Over)work for fun and profit, Analyse and Fix, Bridging Gaps and Making Gaps, and other Nifty Sundries.
In this quarterly issue, the themes we cover include: high-consequence embedded exploitation, exploiting "differences of opinion", and high quality research into defence.
Yes! Completely! There are no annoying paywalls. There is no vendor email-address collection. It’s Free. (As in beer).
ThinkstScapes used to be a paid-for service. We have now opened it up free to the world (and even opened up previous issues).
ThinkstScapes is provided free, by the people who build the much loved Thinkst Canary and the widely used Canarytokens.
Thinkst Labs researchers have been a regular feature at Conferences worldwide since 2002, and have been synthesizing this information for clients and internal teams for nearly two decades.
ThinkstScapes readers receive vendor neutral reports on key events and research findings as they occur with context, commentary and guidance.
ThinkstScapes makes this information available to everyone in the form of concise (but comprehensive) reports.