About
Lead by identifying opportunities and…
Articles by Abraham
-
Obtained My Machine Learning Certificate from Cornell University
By Abraham Kang, Esq.
-
Applied AI: Going From Concept to ML Components
By Abraham Kang, Esq.
-
Taking Advantage of the Expo Floor of a Conference
By Abraham Kang, Esq.
Contributions
-
How do you handle XSS in different types of web applications, such as SPA, SSR, or API?
I think you've got to cover how developers can turn off the default XSS protections and also where the frameworks do not protect for XSS, like src attributes in React link components, which will be vulnerable to the javascript: protocol for XSS.
-
How do you handle XSS in different types of web applications, such as SPA, SSR, or API?
Again, I think you should put some examples, especially in the API case where there are unique interactions between the API and clients that cause XSS. This section is a bit hand-wavy and needs more specific examples and use cases where the APIs have caused XSS. It would also be good to discuss the nuanced differences between API XSS and other applications' XSS.
-
How do you handle XSS in different types of web applications, such as SPA, SSR, or API?
I think you also want to point out that some frameworks have ways of disabling HTML output encoding by using triple handlebars or safe attributes, and again, showing code examples for the differences between XSS in all the different types of applications would be insightful.
Activity
-
Many people know that I'm a huge fan of magicians, and have spent time with some of the best in the world, from David Copperfield, to David Blaine…
Liked by Abraham Kang, Esq.
-
RoachFest 2024 goes regional this time and I load-balanced to the us-west region in Menlo Park. This time I represented Iterable as we expanded our…
Liked by Abraham Kang, Esq.
Experience & Education
Licenses & Certifications
Volunteer Experience
Publications
-
Who’s Verifying the Verifier: A Case-Study in Securing LLM Applications
Consumer Reports
An article discussing a remote code execution vulnerability found in large language model applications built on top of LangChain. This article covers one of the core pillars in implementing responsible AI.
-
Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers – Part 2
Include Security Research
An article explaining the cause of prompt injection by tying it to the internals of transformer models used by LLMs
-
Improving LLM Security Against Prompt Injection: AppSec Guidance For Pentesters and Developers
Include Security
A post highlighting security research on LLMs and prompt injection
-
Understanding Backpropagation as Applied to LSTM
KDnuggets
A detailed but simplified explanation of backpropagation through an LSTM recurrent neural network, thinking in functional steps while applying the Chain Rule.
-
How to implement and use the MITRE ATT&CK framework
CSO Online
Provide a comprehensive resource for understanding and implementing the MITRE ATT&CK framework in your enterprise.
-
The Inherent Insecurity in Neural Networks and Machine Learning Based Applications
Towards Data Science
An in-depth overview of all the security vulnerabilities and attacks against machine learning models.
-
What is "reasonable security"? And how to meet the requirement
CSO Online
Companies need to understand how to implement "Reasonable Security" practices and programs. This article explains how.
-
Applied AI: Going From Concept to ML Components
Towards Data Science
Many people in machine learning are focused on solving problems at the micro level. I want to open your mind to different ways of applying machine learning to bigger problems in the real world.
-
OWASP Cheat Sheet Series
OWASP Foundation
The OWASP Prevention Cheat Sheet Series was created to provide a concise collection of high-value information on specific web application security topics. These cheat sheets were created by multiple application security experts and provide excellent security guidance in an easy-to-read format.
Patents
-
Adaptive determination of information display
Issued US US9836184B2
-
System and Method for Fraud Detection in a Mobile Device
Issued US US20160307199A1
-
Telephony collaboration system and method for a trusted environment
Issued US US9743255B2
-
Apparatus, system, and method for identifying a man-in-the-middle (mitm) connection
Issued US US20150188932A1
Courses
-
Ruby
-
Projects
-
Samsung Pay
- Present
Honors & Awards
-
National Security Institute 2020 Fellowship
NSI
Work with lawmakers to shape policy and laws around security, technology and AI/ML.
-
Outstanding Graduate Award
Lincoln Law School of San Jose
Award given to one graduate by his class peers.
I am proud to have been selected by my peers for this award. It was a great honor considering the quality of my peers and their outstanding achievements as well.
-
Quill and Dagger Senior Honor Society
Quill and Dagger
This distinction was given to me in my senior year at Cornell University. Only 0.5% of seniors get tapped for this award highlighting leadership, service to the Cornell community, and academics.
-
Cornell Tradition Grossman Fellow
Cornell Tradition
Award given for outstanding efforts in service, work, and academics at Cornell University.
Languages
-
Korean
-
-
Spanish
-
Organizations
-
OWASP, ISACA, ISC2
-
Recommendations received
32 people have recommended Abraham
More activity by Abraham
-
Join me this Thursday, June 27th at 10:45am PST to explore parenting neurodivergent kids while juggling a career in cybersecurity! It's free and…
Liked by Abraham Kang, Esq.
-
This is the venue where I'm presenting later today at the OWASP Italy Day conference. Pretty cool, isn't it? 😎
Liked by Abraham Kang, Esq.
-
Excited to announce that Kunal Patel and I will be teaching a 4-day machine learning security class at Blackhat this August! We'll cover math and…
Posted by Abraham Kang, Esq.
-
I was gleeful over the weekend when this long-term hardware CTF challenge of mine got released to over 650 people at NorthSec. Got great feedback…
Liked by Abraham Kang, Esq.