As a biased person who uses correlated alerting, I'm really glad to see this become first class is new SIEMs!

I haven't seen this productized yet, and I know everyone wants to fix their detection stack. Getting away from 'one-for-one' alerting is the first step

Mate in 1.

Look between f and j on your keyboard.

'1st security engineer' is a weird job

There is a lot of good advice out there from folks who've done it before like @devd evan j Arkadiy Tetelman 🇺🇦 Tad Whitaker

But there are also a lot of bad practices

Here's a 🌶️ take on '10 Things Your 1st Security Hire Shouldn’t Do'
1/6

Respect to the Humane folks for building something and shipping it and having a dream.

I don't know why anyone would want a physical device that does this though, and other AI companies have done the same which is weird. Why build hardware when the software doesn't have pmf yet

It’s amazing how difficult it is to spend money and receive a pdf or epub

It’s all these DRM versions of books instead

Regardless of the details of what's been going on with the hashicorp and opentofu stuff

The optics of switching up the license and sending multiple C&D letters is pretty bad

opentofu.org/blog/our-respo…

We released pql.dev just over a month ago and we have something even cooler planned at RunReveal , starting development soon.

Should be an exciting post-RSA launch

Over the past few days I've been amazed at how expensive load balancing products are.

One of our ELBs went up in cost by like 700%, luckily we had a way around it but we couldn't actually find cost effective options (and to be fair, wasn't easy to do ourselves)

As much as I tried, I couldn't get chatgpt to generate me a correct 5/3/1 program template along with the days that the exercise needed to be done.

Really interesting how LLMs can seem really good at one task, but be obviously really bad at a similar tasks.

This is a big deal: possibly the first true edge-optimized Python runtime. It's based on the CPython interpreter (the one most people use), but multiple applications can share the same copy of the interpreter securely. How? The key is Wasm dynamic linking.

If you're wondering what we've been up to at RunReveal after launching pql.dev, we've been busy.

You've got to see how good our platform looks and we've got a lot planned

I love the smell of phishing domains in the morning

I was a cloudflare boomerang but before I went back someone wise told me

“The second time you work at a company is always better”

And I said “that can’t always be true”, but in my case the person was right.

C∎V∎E ∎∎∎ I∎N ∎∎∎ B∎I∎O

👀👀crt.sh has been down at least the last 2 days...

Wondering if they need help? I'm happy to lend a hand, but haven't really seen a story or any information about it.