blog.guillaumebonnet.fr
Archive
ISO 27090: A Threat Model for the Thing That Has No Threat Model
| 14 May 2026
NIS2: The Directive Nobody Transposed on Time
| 27 Apr 2026
The DNS Sinkhole That Catches What Your EDR Misses
| 22 Apr 2026
Sigma Rules Are the Detection Language Your SIEM Already Supports
| 19 Apr 2026
Vulnerability Scanning Is Not Vulnerability Management
| 15 Apr 2026
Dear Bots, Welcome to My Blog
| 13 Apr 2026
Caido Is the Burp Alternative I Actually Enjoy Using
| 11 Apr 2026
NIS2 Compliance Starts with Asset Inventory, Not Policies
| 08 Apr 2026
CrowdSec Is the Fail2Ban Replacement I Wish I Found Sooner
| 05 Apr 2026
robots.txt Is a Security Vulnerability
| 02 Apr 2026
The Web Is Mostly Bots Now
| 31 Mar 2026
Passive DNS Is the Log You Are Not Collecting
| 30 Mar 2026
Lexis1234
| 29 Mar 2026
The CVE System Is Breaking and Nobody Has a Backup Plan
| 28 Mar 2026
7,500 Building Controllers and a Vendor Who Will Not Patch
| 27 Mar 2026
Nuclei Changed How I Run Recon
| 26 Mar 2026
Your Tires Are Broadcasting
| 25 Mar 2026
Shodan Is Old News. Try These Instead
| 24 Mar 2026
A Signed Int Broke 234 Chipsets
| 23 Mar 2026
GreyNoise Is the Threat Intel Nobody Uses
| 22 Mar 2026
The Phone Call After the Spam
| 20 Mar 2026
Stop-Loss Orders Are Costing You Money. Here Is the Data
| 17 Mar 2026
AirSnitch and the Myth of Wi-Fi Client Isolation
| 17 Mar 2026
Your Hosting Panel Is Already For Sale
| 14 Mar 2026
How to Read an Earnings Report in 10 Minutes
| 14 Mar 2026
DCA Is Not a Strategy. It Is a Coping Mechanism (And That Is Fine)
| 12 Mar 2026
The OAuth Redirect That Phishing Filters Cannot See
| 11 Mar 2026
Weekly DCA vs. Monthly DCA vs. Lump Sum. 20 Years of S&P 500 Data
| 10 Mar 2026
The Cloud Has a Physical Address
| 08 Mar 2026
When Offensive Tools Get an AI Brain
| 05 Mar 2026
The Qubit Curve Only Goes One Way
| 03 Mar 2026