Links
AddPenpot: The open-source design tool for design and code collaboration - penpot/penpot
A test-automation framework is a set of best practices, common tools, and libraries that help quality-assurance testers assess the functionality, security, usability, and a
Alda is a text-based programming language for music composition. It allows you to write and play back music using only a text editor and the command line.
A powerful meta-prompting, context engineering and spec-driven development system that enables agents to work for long periods of time autonomously without losing track of the big picture - gsd-build/gsd-2
On April 21, 2026, a major breakthrough in cybersecurity happened: leading standardization initiatives gathered in Washington DC and agreed to begin coordinating collectively on AI security. A personal dream come true. The result: MOSAIC: Multi-Organization Secure AI Coordination. The goal: turn a fragmented landscape into clear, consistent standards and guidelines, to deal with the mounting risks of AI.
This important step was taken at the AI Security Policy Forum, organised and led by the OWASP AI Exchange, with SANS Institute as co-host - convening standard makers and policy stakeholders.
The initiatives at the table included: 👉 BIML (Berryville Institute of Machine Learning) 👉 Center for Internet Security (CIS) 👉 Cloud Security Alliance (CSA) 👉 Coalition for Secure AI (CoSAI) 👉 National Institute of Standards and Technology (NIST) 👉 OWASP AI Exchange (AIX) 👉 OWASP GenAI Security Project 👉 SANS Institute
The group agreed that it is now more important than ever to coordinate around the rapidly evolving possibilities and challenges of AI, as AI security risks mount.
One of the next steps is to provide a standardized map of the participating initiatives and a communication platform to exchange insights on a first list of identified topics (e.g., aligning with other initiatives such as SC42, building on OpenCRE, consensus on definitions), improve consistency, clarity, quality, and prevent unnecessary duplication. The idea is to move fast while maintaining independence and with lightweight coordination - not add more committees.
In addition to the organizations mentioned, the discussion also included journalists, representatives from International Telecommunication Union (ITU), The Aspen Institute, academia, and government — providing valuable perspectives on developments in both policy and industry. This helped prioritize the topics to focus on.
In the picture, from left to right, standing to sitting: Disesdi Shoshana Cox (AIX), Gary McGraw(BIML), Rob van der Veer (AIX), Anonymous, Duncan Sparrell, John Yeoh (CSA), Rock Lambros (GenAI), Norma Krayem, Brian Calkin (CIS), Matt Altomare (Aspen), Omar Santos (CoSAI), Aruneesh Salhotra (AIX), Jonathan Gibson (The Dispatch), Apostol Vassilev (NIST), Rhea Nygard, Ken Huang, Lav Varshney (Stony Brook University), Sounil Yu, and Sharon Goldman (Fortune)
Not in the picture, but involved, in alphabetical order: Rob T. Lee (SANS), Ryan Galluzzo (NIST), Soribel F.
A big thank you to: 👏 Disesdi Shoshana Cox for her idea to bring everybody together in a room to fulfil the connecting mission of the Exchange 👏 The amazing thinktank at the AI Exchange 👏 Spyros Gasteratos for his work on OpenCRE 👏 Violeta Klein, CISSP, CEFA for shaping the story for the Forum 👏 Straiker, Casco (YC X25), AI Security Academy, and SANS for supporting the Forum. 👏 Software Improvement Group for donating the original threat model and initiating the AI Exchange
Let’s make AI a success! | 28 comments on LinkedIn
The web browser made for people, with love. Best privacy by default, unbiased ad-blocking, no bloat and no noise. Fully open source.
Share This Editorial
Microsoft is bringing GitHub into its AI engineering team. It’s part of an AI shakeup, following the GitHub CEO resigning.
In an era of generative AI and ubiquitous digital tools, human memory faces a paradox: the more we offload knowledge to external aids, the less we exercise and
It's fast, furious, and somewhat bonkers, but it gets the job done.
SMBC is a daily comic strip about life, philosophy, science, mathematics, and dirty jokes.
An easy to use, distributed and fast version control system.
Put away your word processor and start writing from the command line using these open source tools.
K8s Cleaner is a powerful tool that automates the cleanup of unused resources in Kubernetes clusters, ensuring optimal performance and resource utilization.
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) - permitio/opal