Fun fact, ping 0 works because 0 is the IP decimal notation of 0.0.0.0. One of my favorite age-old WAF bypass since it doesn't match octet notation regexes that are often in place.
It looks like you still have this kind of capability. You might need to adjust settings and supply KYC info as requirements change. From the Fraud Guard docs, "You can mark known phone numbers using the Safe List feature so they are never blocked."
Moving from cold to hot wallets in an environment with regulatory requirements, redundancy, multiple partial keyholders, and offsite storage could easily take days to weeks and require scheduling access to the physical vault holding the cold storage. You're conflating hot and warm storage - warm can replenish hot but cold requires physical access to somewhere ideally unrelated to where day-to-day operations run.
As a member of the Security community, it's disappointing to hear that this is the perception on the table, because our community can and should do much better than that. In my experience and goals, the best Info/AppSec/SecEng teams put people before processes, build guardrails instead of walls, and demonstrate first hand what they want to see engineering teams doing. If you're open to it, I'd like to offer perspective on why some of the perceptively dumb things that sec teams do, do.
Those automated tools are better than ever. Manual code reviews are very important, but automated tools at this point can stand in for "over the fence" pre-production code reviews, as long as periodic reviews occur. In particularly sensitive contexts, especially finance, code is always signed off on by security before release when it can have impact on anything important. It's all about risk management.
Additionally, the cloud and SaaS is nothing like it was a decade ago. Security is now more focused on compliance due to the nature of building software today. You used to maybe provision a handful of nodes on EC2, use an autoscaling group if you were super fancy, and probably integrate into a handful of third party APIs. Every business is different, but that was the core of running a workload. Now, I can delegate specific responsibilities to third parties and reduce both people and operating costs. But with that comes massive risk since you just transferred an internal business function to a third party you have no control over. The most common approach to that risk is through process: vendor reviews, compliance and cloud posture security management.
And then there's DevOps who ends up being ad-hoc security way too often with no relevant background (or interest).
All that to say, good, compassionate security teams do exist.
It looks like it dropped a few months after TFC[1] with a bunch of additional features. At least these days, Teams supports Sentinel, and in personal use cases, I've had TFC be backend and threw a git pre-commit hook at it for Sentinel on my machine. My guess is that for some time, they wanted to focus on enterprise sales and Sentinel was an easy way to upsell. SSO still makes Business worth it though.
I never understood this sentiment. Hashicorp offers Sentinel for free [1], publicly. The documentation is also open [2]. There's also open rulesets for CIS benchmarks [3] (minimal but demonstrates what Sentinel can do), and a ton of public drop-in rules for several clouds [4]. There's helpers [5,6] for common use cases, supports custom integrations [7] and it can be run in CI [8].
My stance is that YAML is a good format for configuration management and generation -- it's wonderful at filling gaps as your deployment model increases in complexity to provide a mechanism to "render" your configuration -- much like Skylark [1] does (derived from Google's internal GCL).
YAML ends up being a powerfully declarative model [2] for the state of a data structure, rather than a straight representation, ironically often enough being used in turn for an imperative model like in Ansible [3]. Definitely friendlier than JSON. But personally, I really like YAML because it lets me compose using a traits/mixins-like model using & and *, which allows for verbose, structured configuration inputs but concise configuration files.
docker-compose YAML files extension fields [4], imo, are a great example of this type of model in action. When you leave this much pre-deserialization flexibility in your configuration representation, it makes building cool stuff like docker-compose ECS support x-aws-* extension keys [5] and other plugin system-type capabilities much more straightforward than, for example, adding a new language feature to HCL.
I have a near-photographic memory that's been tested as I grew up, and personally, it's a mixed bag.
I have a solid and clear recollection of the good, which is useful from a business management and engineering career perspective. Literature retains on the first pass, which is very useful in operations for manual/business requirements/security framework ingestion, and I don't need to keep a TODO list or agenda (but still do for transparency's sake to my reports and superiors). Having an excess of information readily available gives a lot of opportunity to drive impact, and has allowed me to move vertically in my career very quickly. There's a feedback loop of retaining information, which presents me as more qualified to offer support to my peers, which puts more people in my direction soliciting input and building a positive reputation. With that, I made leadership in my early twenties, and it feels like it took less effort than some others to get here, based on what I've heard from other people.
Unfortunately for me and I'm sure others, I've been through a lot, and all of that retains just as well. It's not an active decision to retain. I'm not going into much detail on those events, but I've encountered about a dozen substantially negative events in my life, and having the information for those who've needed it has been helpful when necessary. It's been empowering to revisit those moments from a different angle as I've worked through those challenges.
All in all, not to be too cliche, but it's both a gift and a curse, but one I'm grateful to have.