Oh look someone has ripped off most of my designs. They have also copied dozens of other sticker makers in the hacker community. I've reported them, but if they've stolen from you, you may want to report them too:
www.etsy.com/listing/4357...
Wrote up some thoughts for how Okta is getting squeezed from all sides: squished by Rippling at the bottom, Msft at the top, and other markets and startups in the middle.
I hope you love some red string diagrams π€£
ventureinsecurity.net/p/the-unbund...
Check out our cofounder @mayakaczorowski.com's post on @frankw.bsky.social's Frankly Speaking on how modern security teams are scaling.
Read the post for the new commandments of security teams: franklyspeaking.substack.com/p/the-new-co...
@wbm312.bsky.social and I's talk from BSidesSF is now online: www.youtube.com/watch?v=wiq2...
Play along to learn about incident response!
What I've been up to the last few months: working on the untrendy but important problem of authorization in corporate environments. Check it out!
Yes! I find Subframe super easy to build and iterate on a reasonable prototype quickly. I also like that itβs relatively opinionated so what youβre building is consistent, not completely made up
βIβd rather eat something off Amazon than buy an SD card off Amazonβ
I dug into the FedRAMP marketplace data and see just why FedRAMP is so hot right now π₯: while new authorizations haven't increased much, re-uses are skyrocketing.
Take a look at who is selling the most to government, and which agencies are buying: mayakaczorowski.com/blogs/fedramp
βLet's say you've got horsepower and bandwidth to burn, and just want to see these AI models burn. ... It's also sort of an art work, just me unleashing shear unadulterated rage at how things are going.β
love to see it
www.404media.co/developer-cr...
Dear Santa: please no more security dashboards this year. We've got enough tools telling us about problems and that don't work well together β how about some that help the security team scale?
My wishlist for better security tools from an imaginary CISO: mayakaczorowski.com/blogs/ciso-wishlist
Zero trust: everyone (was) talking about it, but how far did we get? From inventory basics to the long tail of unsolved challenges, here's a realistic look at where you are in your zero trust journey, from a talk @ericchiang.bsky.social and I gave in 2022 π mayakaczorowski.com/blogs/road-t...
@mayakaczorowski.com and I are publishing the write up of our 2022 NorthSec talk on the hard parts of zero trust. Which made me wonder, how's that US executive memorandum requiring agencies to adopt ZTA by 2024?
ericchiang.github.io/post/zero-tr...
What keeps security leaders up at night? I interviewed 57 CISOs and security leaders to find out. The answers were surprisingly consistent: access management challenges, vulnerability management complexity, and limited SaaS visibility. Read the post: mayakaczorowski.com/blogs/what-s...
him: "you have so many passwords in data dumps"
me: "wait is my neopets password in there? I want to play but if says i don't have an account"
(Itβs been just over a month π€·ββοΈ)
I havenβt used the United app in so long I need to redownload it π
βI donβt know why, I just know champagneβ
I canβt find where my paper towel is supposed to go
βChapter 10: higher educationβ
Iβm in a fancy restaurant in Palo Alto and thereβs an audiobook playing in the bathroom
@twitchyliquid64.bsky.social hello hi
iβm too old for this
