HackerTrans
TopNewTrendsCommentsPastAskShowJobs

0xmutt

no profile record

comments

0xmutt
·2 года назад·discuss
Sane defaults would be great. The amount of interruptions on a day to day basis I would imagine is a significant drain on the collective attention span.
0xmutt
·2 года назад·discuss
Agree heavily. Async mediums that interrupt like Slack with all the notifications stink.

Having good habits around notification and interruption management is important. As is making sure everyone understands and operates within the same mindset.
0xmutt
·2 года назад·discuss
Correct, email is also async. I was mainly providing my experience with respect to Slack or other async communication methods. I could have been clearer.
0xmutt
·2 года назад·discuss
Entirely possible! I would not be surprised if that is the case. That seems most likely when you boil down the context of the (likely) situation.
0xmutt
·2 года назад·discuss
With regards to Slack or other asynchronous communication methods, its generally a mixed bag in my experience. Folks still tend to target some and not all of the points. Which then leads to more follow-ups.

I wonder if this has to do with other interruptions on Slack (or other mediums) occurring at the same time. Pretty common to be responding to something only to be interrupted by something else that pulls your attention away.
0xmutt
·2 года назад·discuss
Thanks for sharing! Throughly enjoyed reading through these posts. Learned about some interesting Firefox settings to try out.
0xmutt
·2 года назад·discuss
Thanks for the list!
0xmutt
·3 года назад·discuss
Absolutely nailed it with this take. This summarizes the sales enablement piece perfectly.

Unfortunately business benefit is easiest to quantify from a sales enablement perspective as opposed to a security program perspective. Agree wholeheartedly you need to do (3) to actually move the needle on security.
0xmutt
·3 года назад·discuss
I agree with this notion. The issue is you need the security attestation and certifications to give folks in the sales cycle the warm fuzzies. These pedantic measures are directly a pathway to sales enablement and revenue. The actual securing and maturity work is a side benefit.

On the other side of the coin, if a vendor does not have paperwork and evidence to support their programs - how does one as a purchaser or security reviewer verify? Organizations only act truthful to an extent that benefits them. Quality of audits and supporting paperwork is a real mixed bag. Unless you’re an Amazon you’re not going to get the chance to audit your vendors and sub processors outside of reviewing this type of documentation.

The entire process is broken.