✍️ Just blogged: "You Don't Need a Vendor to Automate Security Questionnaires"

Tested three approaches to automating security questionnaires with AI: expensive SaaS vendors, custom RAG solutions, and direct LLM use.

blog.marcolancini.it/2025/blog-au...

✍️ Just blogged: "Transform Years of Content Into a Conversational Knowledge Base"

How to make your content interactive by building a conversational knowledge base. A practical walkthrough using CloudSecList, LLMs, and Cloudflare Workers.

blog.marcolancini.it/2025/blog-as...

It's live. You can now chat with CloudSecList.

I turned 6+ years of CloudSecList newsletters and CloudSecDocs articles into something you can actually query.

Test it out and let me know what breaks: cloudseclist.com/ask/

Newsletters are great but they're static. What if you could chat with one instead?

Coming soon at cloudseclist.com ...

👀

Bit of a personal news: this week I passed the exam for the Certified Chief Information Security Officer (C|CISO) certification 🎉

This is the most straightforward and crisp explanation of database sharding I’ve seen so far. Plus, the nice animations make it easier to see concepts in practice

planetscale.com/blog/databas...

Oh wow did AWS just update their UI for the first time in a decade?

✍️ Just blogged: “Building an AppRunner on EC2 with Cloudflare Zero Trust Access"

How to automate the deployment of a private AppRunner instance on AWS that hosts multiple internal apps securely behind Cloudflare's zero-trust access controls

blog.marcolancini.it/2024/blog-bu...