Hello

I’m Valency Colaco

Cybersecurity & AI/ML Researcher

Sweden
Ground News

Top stories with media bias

Ground News top stories, each with a left / center / right source breakdown so you can see who's covering what. Newest first.

Top stories and bias data sourced directly from Ground News. Each bar shows the share of coverage from Left, Center and Right-leaning outlets; the legend lists the source count per side.

Intel desk

Cybersecurity updates

Vulnerabilities, exploits, patches and incidents — straight from the sources security teams actually read.

Sources: The Hacker News · BleepingComputer · Krebs on Security · SecurityWeek · CISA advisories · CISA Known Exploited Vulnerabilities catalog.

Arcade

Pick your poison

Six glass-built games that run right here in the browser. High scores and chips are saved on this device.

Publications

Selected research

Formal verification of tree ensembles, real-time evasion detection, and ML security in safety-critical systems. From my Google Scholar profile.

2026 Conference paper

Improving SIEM Rules using Transformer-Based Rule Evasion Detection and Attribution

Erik Nordström · Hannes Widén · Valency Oscar Colaco · Simin Nadjm-Tehrani

A transformer-based approach that detects SIGMA rule evasions with accuracy comparable to the state of the art (AMIDES, USENIX 2024), achieves a false positive rate of less than 1%, attributes evasions to specific rules, and recommends fixes, several of which have been accepted into the SIGMA repository.

Paper Accepted to IFIP DBSEC 2026 ↗
2025 Licentiate thesis

Hardening Tree Ensembles: Real-Time and Effective Evasion Defences Beyond Adversarial Re-Training

Valency Oscar Colaco · Linköping University

This licentiate thesis shows that proactive defences such as adversarial retraining are ineffective for tree ensembles and can inadvertently make them more vulnerable to evasion attacks. Along these lines, it introduces Iceman and Maverick - two reactive prototype systems that advance the state of the art in evasion detection performance and speed, without modifying the underlying tree ensemble.

Read full thesis ↗
2025 Conference paper

Real-Time Evasion Detection in Tree Ensemble Automotive Intrusion Detection Systems

Valency Oscar Colaco · Simin Nadjm-Tehrani

Maverick: an autoencoder-based detector for evasion attacks on tree-ensemble automotive IDSs - achieving identical detection accuracy to the state of the art (OC-Score, ECML PKDD 2023), while providing 85–563× faster detection speeds that enable real-time operation within the constraints of automotive CAN networks.

Read paper ↗
Write less, ship better

Configure AI Agents to Write Code Efficiently

An integration guide for ponytail — a lightweight ruleset that makes your LLM coding agent lazy about the solution and never about the reading.

What it is

A ladder of seven questions

Before writing any new code, ponytail makes the agent climb a ladder — each rung asks whether the task can be solved with something that already exists. It writes the absolute minimum, only when nothing else fits.

  • 1. Does this need to exist? → YAGNI
  • 2. Already in the codebase? → reuse it
  • 3. In the stdlib? → use it
  • 4. A native platform feature? → use it
  • 5. An installed dependency? → use it
  • 6. Solvable in one line? → one line
  • 7. Only then: the minimum that works
Why it works

Lazy, not negligent

The agent is lazy about the solution but never about the reading — it scans the existing code and dependencies thoroughly before suggesting anything new. Trust-boundary validation, data-loss handling, security, and accessibility are never on the chopping block.

Benchmark: −54% LOC · −22% tokens · −20% cost · −27% time · 100% safe.

Direct line

Say hello

Fill this in and it lands in my inbox.

✓ Message sent — thanks! I'll get back to you soon.
Captcha-protected — you'll verify you're human on the next screen.