Desiree Sacher

thanks to the amazing @Ministraitor the recording of my talk is already up: youtu.be/qdgY6aAfUAk . it is aimed for #blueteam struggling with #vulnerabilitymanagement thank you @a41con for having me. it was a great honour to come back like this! #area41 #cyberdefense

I’ve trained many analysts over the years - inside my own teams, in SOCs, CERTs, and various internal security teams. And lately, I’ve been noticing a trend that deeply saddens me. There’s an increasing number of young professionals who struggle with the grind of our work. They get simple but necessary tasks - tasks that transform indicators, rework detections, or retrieve and process data - but they return flawed results, late and incomplete. Some even let AI do the work without checking if it's correct. And when I ask why, the answer, directly or indirectly, is often the same: "I want to do the exciting stuff." But the truth is, 97% of what we do in cybersecurity is not exciting. It's slow, repetitive, and requires patience. We grind through logs, extract data from reports, and refine rules. Most of the time, we don’t see the direct impact of our work. A signature written today might detect something crucial in a customer’s system six months from now, and we’ll never even know. But every small piece matters. What saddens me is not just the impatience, but the lack of care. The unwillingness to put thought and effort into something seemingly simple. The failure to reflect on how to make a task better. This goes against something deeply ingrained in my upbringing - a principle that I believe is also deeply rooted in both German and Japanese culture. In German, my grandmother would always say: "Mach es gescheit." It’s hard to translate precisely, but it means: Do it properly. Not just complete a task, but do it in a way that is solid, thoughtful, and more than just "good enough." It doesn’t mean perfection - it means putting care into what you do, even if no one else will notice. The Japanese have a similar philosophy, one that I greatly admire. There is a word, "shokunin" (職人精神), which means more than just "craftsman." It describes someone who dedicates themselves fully to their craft, always refining, always improving. Even in the smallest tasks, a shokunin finds a way to do things better, not because someone told them to, but because they take pride in their work. I was reminded of this when I thought about my uncle, who was a carpenter. When I was a child, I watched him finish his masterpiece for his final exam - an intricately crafted dresser. After days of sanding, polishing, and checking every tiny detail, he wasn’t done. He took out a small, hand-carved wooden rose, which he had made separately, and carefully placed it on the dresser’s ledge. It wasn’t required. No one had told him to add that ornament. But he did it because he cared. Because he wanted his work to be more than just acceptable. And this is what I want to see in young professionals today. It’s not about making flashy things, or chasing after excitement - it’s about taking pride in your craft, even in the smallest details. Because in the end, that’s what makes a difference. So my advice is this: Whatever you do, do it gescheit. Do it like a shokunin. Put care into your work, even if no one else will see it. That’s how you grow. That’s how you build trust. And in the long run, that’s what will set you apart.

👑 5:41 für jeden Politiker – nicht nur in Kanada. 🫳🏼 🎤

I strongly recommend turning this off. It's unbelievable that they quietly enabled this while everyone was focused on their 'Recall' AI feature. Now they're collecting and using everyone's Microsoft Word and Excel data to train their AI models.

From Ruins to Resilience: How Developing and Utilizing Open Source Solutions Enhances CSIRT Capabilities #csirt #cert #opensource #infosec 🔗 foo.be/2024/10/How_De…

Sad I only can repost this once. This has been my experience as well. Yes commercial tools have their need, but so does open source in CSIRT land. It also gives individuals a way to talk about their work externally, when they cannot about cases.

@pinkflawd i even stopped drinking green tea for now, too much adrenalin flooding my body already naturally.. i blame my COMT gene for that..

There it is, I'm back to drinking decaf cause I'd rather have ADD than heart palpitation on an early morning meeting. On other news, can someone explain to me why high tech turned into a collective burnout swamp within less than 2 years?

A few #DC4131 people will be in Vegas for HackerSummerCamp - come & say hi CüpliHacker @mylaocoon also has some free swag to hand out…

MSFT CVE-2024-30103 and CVE-2024-30080 are 🔥PATCH NOW!

@0xc0ffee @stoege that was booked about 3 years in advance. i initially hoped that i could make it, but than with preconference board meetings it became clear how unrealistic that was.. miss you all and hope to soon get another chance to see you guys!

@d3sre @stoege Still wonder who decided that the FIRST conference will be at the same time on the other side of our planet..

#area41 is booting up

Live streaming of #Area41 2024 track 1 is live: @defconswitzerland?si=zNSSv8WjZbNUqGuE" target="_blank" rel="nofollow noopener">youtube.com/@defconswitzer…

❗️ #CERTWarnung ❗️ In Check Point Security Gateways wurde eine #Schwachstelle mit bereits beobachteten Angriffen geschlossen. Der Hersteller hat ein Skript bereitgestellt, mit dem verwundbare Komponenten im eigenen Netzwerk identifiziert werden können. bsi.bund.de/SharedDocs/Cyb…

Don't miss your chance to get tickets for #AREA41 in June in Switzerland! The last tickets will go on sale on Tues May 7th at 19:00 CEST. Hurry up before we sell out! This is your last chance as we are at full capacity. a41con.ch

Europe is maybe two months from passing laws that end private communication as we know it, and folks are looking the other way (understandably.) You’re not going to get a do-over once these laws are passed.

Next security meetup im Zurich:  April 09 –  18:30 CEST – Schiffbau Bar – Our warehouse sized home from home… beerontuesday.ch/?page_id=19

Heroes and villains always have the same back story—pain. The difference is what they choose to do about it. Villain says “the world hurt me, I’ll hurt it back” Hero says “the world hurt me, I’m not gonna let it hurt anyone else.” Heroes use pain. Villains are used by it.

can’t sleep?!? why not submit a talk for the AREA41 conference - we are the ones with the cool electronic badges in Zurich area41.stfn.ch/2024/

the CallForPaper for AREA41 conference is open! Submit your A game of technical research to be a part of this conference🤓 ⏳You got till end of April⌛️ area41.stfn.ch/2024/

my team and i want to get some feedback on what kind of #FalsePositives in #CyberSecurity #Monitoring everyone is tackling and what the strategies are. we appreciate your input and your time (~ 9 minutes to complete). forms.office.com/e/6NC4BqGSRd thank you 🙏🏼

ICYMI BlackHoodie is going to Austin, on February 23rd in cooperation with @_ringzer0 we're offering a free introduction to reverse engineering for women blackhoodie.re/Ringzer0_Boots…