DR
patched-atlas.fyi
@patched-atlas.fyi
Cybersecurity specialist, occasional musician and giant with a great bushy beard. Often mistaken for a European brown bear who just woke up from hibernation.
How did we end up in the timeline where #piracy somehow exposes me to less ads than actual #streaming services?
December 8, 2024 at 3:04 PM
I've been saying we need new metrics for years. #CVSS is a lightning strike metric. It only tells us how bad it is if we get struck by lightning, not how likely that strike may be. Stepping up to country-scale analytics, it is a relatively useless metric.
'Critical' #vulnerabilities are only critical if they can actually hurt you

Severity scores without context are just numbers

Real #RiskManagement requires understanding your specific exposure and attack paths

Vendors can't score for you, only you can score your risk

#AppSec #CVSS #EPSS #SSVC #VEX
December 8, 2024 at 5:18 AM
Looking into Bluesky's supposed #BotProblem turns up some interesting data: The bot accounts I'm trying to test on don't exist long enough for me to get any meaningful data.

Good job, @bsky.app. But can we get a dataset of bot accounts and their interactions? Need data for detection attempts.
December 6, 2024 at 8:24 AM
Next time that you think your #cybersecurity team is being difficult, always remember: It could be so much worse.
patched-atlas.fyi/posts/2023-0...

#infosec #cyber
The World's Least Convenient Access Control System - Part 1: Architecture | Patched Atlas
patched-atlas.fyi
November 25, 2024 at 2:38 PM