Cybersecurity on Rezak AZIZ | Cybersecurity and Infrastructure Engineer | PhDhttps://rezakaziz.github.io/categories/cybersecurity/Recent content in Cybersecurity on Rezak AZIZ | Cybersecurity and Infrastructure Engineer | PhDHugo -- gohugo.ioenFri, 10 Apr 2026 15:17:01 +0200Excessive Agency: Why Human-in-the-Loop Is Not Enoughhttps://rezakaziz.github.io/post/genai-security-excessive-agency/Fri, 10 Apr 2026 15:17:01 +0200https://rezakaziz.github.io/post/genai-security-excessive-agency/Learn how excessive agency in LLMs and AI agents creates new security risks. This article explains how over-permissioned systems, prompt injection, and hidden data exfiltration can bypass human-in-the-loop controls, and explores key mitigation strategies aligned with OWASP and modern AI security practices.Why Threat Models Matter in Security Research ?https://rezakaziz.github.io/post/threat-model/Wed, 11 Mar 2026 16:30:16 +0100https://rezakaziz.github.io/post/threat-model/<p>Over time, while reviewing and reading cybersecurity and privacy papers, I notice something that bothers me more and more: <strong>some papers claim security or privacy guarantees without clearly defining a threat model</strong>.</p>