J.J. Guy

This is the essence of being a hacker.

@zebriez British Special Forces uses the phrase "switched on."

I'm looking for a word for "get it-ness." Something to describe that sense you get of a person that "gets it." Usually immediately apparent. contenders that are close but not quite it: awake. in the details/close to the metal. high-agency.

News flash: your top security priorities in a world where attackers move faster thanks to AI tooling are... ...the exact same as they are today. CIS Top 20 is still the CIS Top 20. Execute those well, you'll be better prepared than your peers. And remember: attackers are lazy.

@jiratickets San Antonio

name the city?

.@SevcoSec product reviews meet generative AI. 🔥 Get the full track list at songmyreview.com

Hey @LinkedIn - your newly aggressive notification preferences are so loud and your UX for disabling the types so tedious I am on the precipice of turning off all notifications from everywhere. That’ll make my experience worse, but right now lesser of two evils. Please fix.

A preview of what's coming soon from @SevcoSec. SO MUCH fascinating and never before seen data to dig through!

@jeremiahg @SevcoSec I was wrong. At least in this [one, small] sample it is ~25% differing results: One org, ~10k devices, ~21k total CVEs, two sources of CVEs. ~75% of those CVEs reported by both. More to come soon!

@jeremiahg @SevcoSec Overlapping. We’ll see what the actual numbers end up like, but in general I expect wider variance than most end users expect. Smaller variance on a single machine, increasing as count of assets compared increases.

For those who have tested, if you runs vuln scans from Qualys, Tenable, and Rapid7 on the exact same assets... would the reported vulns between them be 25% the identical? 50%? 99%?

@stryde_hax @5twenty9 @scar_sec @HackingDave @MarcSlaughter Can’t be a phony if you lived in Raymond House!

@jjguy @5twenty9 @scar_sec @HackingDave @MarcSlaughter CWRU alum checking in (potentially a phony with my two years and junior transfer)

Touring colleges this weekend with oldest son, he’s going to be a junior this year. This is fun , I think he’s going to major in computer science and minor in business. We shall see.

@5twenty9 @scar_sec @HackingDave @MarcSlaughter Gotta be that @stryde_hax guy

@scar_sec @HackingDave @MarcSlaughter @jjguy I know I’m a great CWRU alum - who’s the other?

📣 @jjguy will be talking Vulnerability Management & Asset Inventory at #ThursdayDefensive tomorrow. We hope to see you there! reconinfosec.com/thursday-defen… #cybersecurity

@HNStatus site is down

@secprentice @TheSharp0ne Here's a screencap from the console showing the overlap between Crowdstrike, Active Directory and SentinelOne. (lifted from a client during their migration from S1 to CWRD) sevcosecurity.com/book-a-demo/ or DM me to get rolling

In six months of working for an MDR that services all manner of industries, I feel like any time I see an incident occurring it started on an asset that didn't have EDR installed.

@iggyf @TheSharp0ne @ryujin 👍👍❤️ I will never forget the plate of humility you served us! We were a bunch of former VR guys whose sense of identity was strongly wrapped around finding non-pubs. To have someone else find them in our own software hurt!

@jjguy @TheSharp0ne Those were fun times for @ryujin and I as well!

Fixing this is @SevcoSec‘s mission.

🧙‍♀️ CISO Story Time This is not exaggeration. I have a good friend. He's a CISO of a multinational organization in the technology sector. We talk often. Market trends, sales, and business regulations had the business decide to open an facility in China. a 🧵 👇

CISO: How many windows hosts do we have? Sevco admin: "9,618 between EC2, AD and S1. That good or do you need something more specific, boss?"