In 1 hour we’ll be chatting w/
Chime
engineers (including @dtrejo) about Monocle and learn about their devsec process on the
@absoluteappsec
podcast.

You can watch it here at Noon ET: https://www.youtube.com/watch?v=WGBkmlc2Y6A

5/24 It is a commonplace for people to blame deregulation on a wide variety of ills, from high fares to poor service to rural places to such abject horrors are people boarding planes in comfortable clothes. Petzinger takes a much more balanced view. ↵

@brianleroux maybe this would help: https://www.canarymedia.com/articles/electrification/this-startup-is-adding-a-battery-to-induction-stoves

@otakup0pe thanks! Would be cool to hear your ideas!

@seb thank you Seb!

Also, I'll be speaking on Saturday at BSides SF about this and more–see you there? https://bsidessf.org/

Excited to share 😺 Monocle Risk Advisor with you! How we handle risky PRs at Chime: https://medium.com/life-at-chime/mitigating-risky-pull-requests-with-monocle-risk-advisor-part-2-7013e1485bf2

#security #securityengineering #github #pullrequests

Started rehearsing for my BSides SF talk on April 22nd. Excited for it 😎

Details: https://infosec.exchange/@dtrejo/109832188256725418

@seldo I bet there is dark money compensation we're not seeing, especially for Trabucco

How to bulk comment on dependabot PRs: gh pr list --app dependabot --json number -q ".[].number" | xargs -I{} -n 1 gh pr comment {} -b "@dependabot rebase" #github #dependabot

@heapwolf maybe sponsored lies in responses, native answers, the new native ad

@ncweaver maybe neither? and save your energy for sales and product work

@brianleroux I'm pretty excited for @webreflection work on getting vanilla jsx-ish into the standards 🤩 👏

🎉 Good news! I'm giving a conference talk at @bsidessf SF '23 in April!
🎙️ Gamify security best practices to scalably improve engineering culture

My coworkers are also presenting:
🎙️ Overwatch: A serverless approach to orchestrating your security automation by Sanchay Jaipuriyar
🎙️ What Does it Mean to Build a Proactive Security Culture in an Organization by @spashtata & @arkadiyt

Tickets: affordable, https://bsidessf.org/schedule

RT @Kostastsale
I usually make short-form satirical videos for fun, but never share them with the world. This time tho, I thought I'd make one for the infosec community. Some might even find it educational 😅

If you're in #infosec and you feel a little down this week, this video is for you💙

Simple FYI for US:

If you last had a COVID vaccination more than two months ago (and no diagnosed COVID infection since then), you are eligible for another booster under CDC guidelines.

As someone in a higher-risk group about to head off to several conferences, I got another booster yesterday. (No improved 5G reception yet, though.)

And, if you have yet to get the bivalent booster (only 16% of US has), then do it! Not only will it help protect you, but it will help protect others -- like me!

@brianleroux agreed, people have been writing plenty good code in dynamic languages since forever. not to mention that TS is so annoying and unhelpful at generating its own types based on observed values in the program

@ncweaver f*** yea! 🙏

@davidho isn't this good for the gut microbiome? 😂

I always talk about how useful Data Brokerage sites are in human hacking (they're the first step in OSINT before launching the attack). Which is why I'm stoked to be partnering with delisting company DeleteMe on a virtual event January 25th at 1pm ET where I chat with CEO Rob Shavell about how I use Data Brokerage sites in my hacking, why I recommend delisting to everyone for their security and privacy, and have a live Q&A with the audience. Please join us for this free event, all are welcome. https://b2b.joindeleteme.com/webinar-january-2023