Hal Pomeranz @hal_pomeranz

I am retiring this social media account. Find me as @hal_pomeranz@infosec.exchange

 Orlando, FL
deer-run.com/~hal/
Joined November 2008
  • Tweets 19,311
  • Following 237
  • Followers 13,672
228 Photos and videos
Filter
Exclude
Time range
-
Near
Load newest
Replying to @hal_pomeranz @k8em0
If you want to drive value from these relationships then maybe we should call interns what they really are— seasonal junior employees. Employees should expect to be paid and mentored. And companies should focus on incentivizing employees to stay with the firm.
2
4
17
I was reading @k8em0’s tweet about paid internships and it struck me that in the modern corporate world “intern” has become a synonym for “exploited”. Young professionals endure weeks of corporate hazing, sometimes unpaid, in exchange for a blurb they can put on their resume.
1
6
27
Replying to @webjedi
I feel like I’ve spent my entire IR life supporting SMBs. The “InfoSec Poverty Line” cuts much higher than most people guess.
1
3
Replying to @MalwareJake @scythe_io
Congrats and bon voyage
2
Replying to @MalwareJake @strandjs
Crap. I feel like I wasted my weekend now. You mean my EDR tool saw all this stuff and didn’t tell me? I guess my AI got jokes.
5
My dog likes lying at the bottom of my side of the bed. It’s like being “short sheeted” by man’s best friend.
1
2
Replying to @k8em0
Mad respect for your tweeting and your ongoing battle for dignity and equity against incredible odds.
2
Replying to @k8em0
“All of these moments will be lost in time…like tears in rain.” youtube.com/watch?v=JdUq2o…
3
Replying to @Shpantzer
One of the few upsides to third-party IR is that the water bill goes to my client.
1
1
Replying to @falconsview
“We need to have the security box checked before we IPO!” I would ask for immediate vesting upon separation before stepping into that clown show.
1
1
Replying to @wimremes @k8em0
“We are the music makers. And we are the dreamers of the dreams.”
2
Replying to @daveshackleford @k8em0
youtube.com/watch?v=reOKEx…
1
8
Replying to @nerdiosity @codeslack
She heads to Carnegie Mellon in August as the newest member of the diving team! 😳
1
With apologies to Sgt Pepper - “All you need is Splunk! All you need is Splunk! All you need is Splunk! Splunk! Splunk is all you need!”
5
19
Replying to @codeslack
Let me know how that goes. We’re thinking of sending Spawn0 off to college with one.
1
1
Love doing "side by side" mode on my double-wide monitor with two laptops. Wish the monitor had a magic, intelligent KVM switch that would seamlessly move my external mouse/keyboard connection to the right machine when I try and track between the two desktops.
3
5
Replying to @ThisIsAGorecki
Rarely-- but that's partially because of my role as a third-party. Sites that are mature enough to have enabled this event also likely have in-house IR capability, so I'll almost never visit them.
1
Replying to @charliesidjan
Hahaha Sysmon. I never get that. I rarely get the 4688s.
1
Replying to @bettersafetynet
Do the PBMplus utilities have something for that?
My DFIR happy place is a Windows event log with 4688 events. Third-party IR consulting teaches you to have modest expectations at best.
6
9
59
Load more