The Secure Cookie

🍪#8 Fuzzing an ADK LLM-based Agent via a GitLab CI/CD Pipeline

Automating AI security testing to detect jailbreaks and report vulnerabilities directly in GitLab’s Vulnerability Report using FuzzyAI

Mar 13 • Ferran

1

1

December 2025

The Next Evolution of the Web: From Navigation to Intent

A practical look at how websites will stop showing content and start completing tasks.

Dec 17, 2025 • Ferran

2

1

1

November 2025

🍪#7 A Developer-Friendly Approach to Security in CI/CD Pipelines

Illustrating secure delivery workflows with minimal friction for developers.

Nov 18, 2025 • Ferran

1

October 2025

🍪#6 From Dev to Prod and How Runtime Environments Shape the SDLC

Clarifying the differences between Development, Test, Staging, and Production environments.

Oct 28, 2025 • Ferran

1

1

🍪#5 The Final Step to Secure File Uploads

Managing file size, storage, and permissions to build resilient and secure upload features.

Oct 16, 2025 • Ferran

1

1

Your Company Needs More (Good) Digital Nomads

Why letting your team work from paradise might be smarter than you think.

Oct 9, 2025 • Ferran

1

🍪#4 Turning WAFs into a VirusTotal-like Platform for File Content Validation

As a security engineer, working with low-budget projects has sometimes driven my growth.

Oct 2, 2025 • Ferran

1

September 2025

🍪#3 Why File Type Validation is Always an Untrusted Check

Attackers turn file type validation into an easy bypass.

Sep 25, 2025 • Ferran

1

🍪#2 How To Sanitize A Filename

A developer's guide to practical defenses against unsafe file names in file upload features.

Sep 18, 2025 • Ferran

1

🍪#1 The Dangers of Insecure File Uploads

From RCE to data leaks—the risks behind insecure file handling.

Sep 9, 2025 • Ferran

1

Hello from The Secure Cookie

An introduction to me and to this newsletter. And why secure coding is more than just following AI hints.

Sep 5, 2025 • Ferran