Notices by Matt Franz (mdfranz@infosec.exchange)

Headline: "An AI startup CEO on a Forbes '30 Under 30' list has been charged with defrauding investors out of $10 million" <- no fucking way!?

@br00t4c The ads on that site make me suspicious of their journalism

Ratio of Harris to Trump signs is probably 10:1 in my neighborhood.

And some of the houses of “Known Trumpers” have taken their MAGA flags down.

@patrickcmiller Ban Virtual Machines and Containers.

@dalias @alecmuffett @dave_aitel "ocean of garbage" meaning the code and services you (or your team) didn't write? Or the underlying cloud infrastructure your service depends on that has limited control over? Or upstream/downstream services?

@dalias @alecmuffett @dave_aitel I have a SaaS bias, but many vulnerabilities are cross component often because so few security folks understand the end to end an full stack view—or security functions are delegated to another component.

@alecmuffett @dalias @dave_aitel That (well-intentioned) nonsense would never survive in any commercial product company where the bar for delivery is "mostly works most of the time" with a bare minimum of somewhat tested and in CI/CD as the happy path.

@dave_aitel I guess I’ve been in security (and product companies) too fucking long to believe that is even possible.