CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
This is what I did to move from webdev to appsec, but in my 40s. I took an entry-level, low-paying job at @whitehatsec to get my foot in the door, then pivoted to the @PayPal security team. Best career choice ever, even though I nearly went bankrupt. bbc.com/worklife/article/201…
Thems is foo fighting words!
Replying to @Jhaddix
We were using checklists 10+ years ago at @whitehatsec. Likely anyone who has worked in a professional setting with other pentesters would use them for consistency and quality.
Replying to @mkonda
You might check out Thrive by Brendan Brazier. He’s a vegan Ironman competitor (or was). nitayoga.com/wp-content/uplo…
Spam is getting more creative. Or my fate hangs in a delicate balance. Hard to know.
Why does @apple force children under age 13 to use the iCloud.com email service as their Apple ID? Appears to contradict their privacy promise.
Replying to @cryptodavidw
Try turning off the auto events from Gmail and see if the problem goes away. support.google.com/calendar/…
The Federal Government and Congress should add crypto backdoors into all of their systems to show the public how great it is. Best part, pretty sure @realDonaldTrump can get Russia to pay for it!
When even the *American Library Association* is telling you back doors are wrong, I dunno, maybe you should listen. #SaveSecurity
Replying to @frgx @arturjanc
The units are unspecified, could be 10 slaps.
Replying to @swagitda_
Nah, if I were to go after the stock market, this is how I’d do it. latimes.com/business/la-fi-s…
Replying to @realhamed
Really important messages wait until I’m back at my computer for that reason.
Answer questions using interpretive dance.
Replying to @realhamed
I had it off for a while, but it added a LOT of time to manually correct the mangled mess that is phone keyboard typing. Gave up and turned it back on and try to proofread better with mixed results, but still faster overall.
There are 20 candidates for @OWASP Board election, including myself! Happy for so much interest, but puzzled by candidates that have a near-zero presence in OWASP wiki (many only appear on the election page). Be careful of mystery candidates! owasp.org/index.php/Staff-Pr…
Replying to @iMeluny
Is this related to ISO/PC 317 and the work by @ansidotorg? iso.org/committee/6935430.ht…
Interesting, @ToyotaFinancial wants me to fill out a satisfaction survey from a recent call, but I sat on hold for 10 minutes and hung up without speaking to anyone. Guess they know who I am from caller ID, but don't know that I never actually connected with an agent?
Replying to @HelenNegre @Belyvr
For those that are warring, seems odd to spend so much negative mental energy on people who are *on your side* instead of actual adversaries, who are presumably showing up with popcorn.
Replying to @epenzeymoog
No, the opposite. “Orchids” are very sensitive to their environment, “dandelions” are robust and can make anything work. Those dandelions appear indifferent, but in their world, it works out regardless.
Replying to @epenzeymoog
This book will explain so much. I listened to the Audible version, it is excellent. goodreads.com/en/book/show/3…
Perhaps your mobile carrier sells data to a broker, so while the browser is incognito, your mobile carrier knows who you are. Or uses unique headers, although I thought they stopped doing it, eg: ftc.gov/system/files/documen…