@Infosec_Taylor I have yet to be successful using Agile for any kind of infosec role that is "interrupt-driven", where something can pop up at a random time and derail your entire sprint. Every sprint.
English
Zate
16.8K posts
Zate
@zate
Once and now Reformed Infosec Leader of Team Supr Awsum | Defender of Users Over Engineering Hobbies is my Hobby @[email protected] @zate75 on Threads
Katılım Kasım 2007
735 Takip Edilen1.9K Takipçiler
Not even 30 minutes after we finished PI Planning, someone came in and doubled the scope on an Epic.
Be Agile they say... it'll be fun they say... 😭
English
@AccidentalCISO Fun fact, I was a surveyor & meteorologist in the Army (Artillery) before I got into tech stuff. Turns out, if you know where you are accurately and what the air between you and the boom point is like, much easier to put the boom bits on the boom point.
English
There are a lot of similarities between meteorology and InfoSec.
English
@dinodaizovi @thegrugq @dotMudge @SummerC0n Often it's not awesome for privacy and many implementations have holes that lend to being abused to cost the company money or cause privacy issues, or both. When implemented badly its value vs cost can be terrible. I do agree for most cases its impact to atos is enough.
English
Where @dotMudge makes an important point at @SummerC0n: real data on ATOs shows that SMS 2FA is fine for the vast majority of users. It prevented 100% of 3.3B automated password stuffing attacks, 96% of 12M bulk phishing, and even 76% of <10k targeted attacks seen over last year.
English
@addyosmani I used this image and it worked ok. Really I need to turn diagrams into a struct of data to include alongside a human written description of a system to use with fine tuned/trained models for enhancing threat modeling.
English
@zate Bard can OCR image text & reason about in-image hierarchy. To that end, I believe it could but happy to try it out on a specific example if you have one in mind.
English
Tested Bard converting a screenshot to HTML/CSS.
Here's the input (GoogleStore.jpg, prompt) & output. Still a ways to go with accuracy, but bootstrapping a starting point for developers feels like it will get easier. Excited about the future of multi-modal support.
English
@DynamicWebPaige @addyosmani @JackK Yeah it seemed to do ok. Now I need to work out how to actually use that type of stuff in a tool, with using a public API set and being able to control more of who has access to the data and being able to fine tune the model(s).
English
GIF
English
At last, an actually useful view on #AI Risk / #AI Assurance - developer.nvidia.com/blog/nvidia-ai… from @NVIDIAAI
Real talk, not just high level waffling and generics that no one can actually apply.
#airisk #aiassurance #ai
English
@adam_baldwin "Part of building a product is making sure it is secure, and it is a base feature, not something we upsell for."
English
@PaulTassi They are participating in "pay to win" with the only currency they can't get more of. Their time.
English
Yeah people defending the ultra-rare Diablo uniques aren't really getting it. This isn't "oh cool something rare to farm!" You are not farming, you are trying to get struck by lightning. Two of these total were found out of millions of players in like two weeks
Char@CharOnTwitch
Idk dude, call me a casual or whatever but I feel like if an item is so rare that after millions of game hours your core player base isn’t even sure they exist, and you have to announce that they’re real, then maybe the drop rate is just a bit too low
English
@PwnShip @killedbygoogle I'm there with you at this point. Starting a slow but deliberate retreat from @madebygoogle products where it makes sense. Likely starting with Nest, then my devices, and we'll see how I feel after that.
English
@killedbygoogle This is why I'm going to move EVERYTHING off Google. Anything that isn't search, seems to just be a hobby for them.
English
THIS JUST IN:
GOOGLE PIXEL IS GETTING AXED.
Alex Maxham@alexmaxham
Apple released so many updates today. Meanwhile Google hasn’t even rolled out the June update to most Pixels…
English
@RodFergusson @PaulTassi Hey Rod. That makes seasons a nonstarter for me. Takes me too long to get to 100, I'll never be able to make progress in the season because I'll spend most of it leveling to 100. Leveling is boring as fuck once you've done the story once.
English
@PaulTassi Hey Paul, yes to take part in the seasonal questline, mechanics, season journey and battle pass, you will need to create a new seasonal character. Playing campaign with seasonal character (if you so desire or need to finish) will also progress the season journey and battle pass.
English
I did not do previous gen Diablo seasons so I don't really fully get it. If I don't want to level season-specific characters from scratch, can I still use my "permanent" ones to progress the battle pass?
English
@cybersecmeg It's not that simple but agree it's a thing we should do.
Having the potential to do something and the experience of having done it are different.
Different again and hardest to find are the people who can workout how to do new things based on existing experience.
English
Zate retweetledi
Kubernetes has single handed set our industry back a decade.
Companies are going to die because they spend more time “managing Kubernetes” than building a product.
English
@chrisrohlf I'm leaning towards increasing my deployment of ubiquiti stuff and using their cams and systems.
English
@zate Yep, the Nest authentication story is a mess. iOS app is broken, I’ve reported bugs that aren’t fixed years later. They also EOL’d Nest Secure.
English
The Google domains stuff has me thinking I should cancel my tablet order with @madebygoogle and go Apple. Wife wants a smaller phone. I've moved from Chromebooks to mac's already. Maybe it's time. Sitting outside the apple store in Sydney as I type this lol.
English