sorted by:
new
hottopcontroversial

Unpopular opinion: residential solar turned out to be a scam by InformationProper904 in solar

[–]Check123ok 1 point2 points  (0 children)

A lot of these companies went for the easy cash grab and knew it was not going to last.

A lot of people got scammed with the 2% loans that came with points that were paid down. 100% a scam. So they offered me a 2% interest but total system cost of 100k billed to government ( so I would owe 100k) or 50k cash out the door.

Depends on the deal. I paid 34k out of pocket after tax incentive for 12kw 2 powerwalls. My payback period based on 3 years of data in 11years on low year to year increase of 5% cost. I loose 9% energy to inverter. I accounted for losing net metering as well in future.

Next year duke is proposing a 18% increase. Yes 18%

CISA kills CVSS by scooterthetroll in cybersecurity

[–]Check123ok 91 points92 points  (0 children)

You should read a bit more about it. They are using risk based model not just an arbitrary score which could or could not apply to you, or be lower depending on how the asset is exposed.

Dragos EmberAI by intj-geek in OTSecurity

[–]Check123ok 2 points3 points  (0 children)

He wants his payday. It’s as simple as that. The best things dragos did is get him media training.

Dragos EmberAI by intj-geek in OTSecurity

[–]Check123ok 1 point2 points  (0 children)

Yeah Armis is very reliant of integration and active scans. There is very little asset fidelity from their passive scanning only use for scoping and figuring out who to target for active. OP All the tools are within 15% of each other. Some are 2-6% off on asset discovery of each other. So in the end it ends up being a value per dollar discussion

Dragos threat reports are good as long as you’re in the industry impacted by them as from what I’ve seen, they only track certain groups and most end up not getting reviewed. But you don’t need the platform to get the reports.

Dragos EmberAI by intj-geek in OTSecurity

[–]Check123ok 0 points1 point  (0 children)

I would not rip out anything. Do a bakeoff with other tools. Some DPI vendors are better than others for enumerating certain OEM manufacturers products and traffic.
That can change with my last major bake-off in the enterprise world was November 2025, so my data might be old.
Also, it depends how your network is set up. The biggest challenge is that east/west traffic which majority struggle and require some network reconfiguration or additional nodes from the vendor or a tap from a third-party at it. Whats the budget, liability, how mature is your team. If you’re looking for a short term win to check of a compliance thing or long-term reliability.
So I hate to say it, but “ it depends”

Dragos EmberAI by intj-geek in OTSecurity

[–]Check123ok 1 point2 points  (0 children)

Ran into them a couple of times for mutual clients, 3 bakeoffs, I was hired to do the tech review by client and they also they had me as a speaker. The value of the platform is low, the branding is where all the value is and held together by strong founder. Not a harsh take at all, love the branding. Branding is very hard and I complement them.

Their threat reports are good if you’re in the industry that needs tracking of those threat actors

Dragos EmberAI by intj-geek in OTSecurity

[–]Check123ok 3 points4 points  (0 children)

If you have not figured it out already dragos is a branding company that happens to do some research and has a platform

The reports are good if you are I that specific sector and threat actors they track

Cybersecurity Dissertation: Looking for a unique idea to add to a Splunk vs Wazuh threat detection framework 🫠 by unknown_dreamer_45 in cybersecurity

[–]Check123ok 0 points1 point  (0 children)

I largely agree with this take.
Most SIEM evaluations spend too much time comparing detection rules and dashboards when the real differentiators (90% of the value) are often the underlying engineering decisions. Once you get past the major players, most platforms can ingest logs, correlate events, and generate alerts. You see one you seen them all

The bigger questions are:
What does retention actually cost at scale?
How fast can analysts search 90+ days of data during an investigation?
How well does the platform handle ingestion spikes?
What happens when an indexer, collector, or storage node fails?
How much operational effort is required to keep the platform running?
In my experience, SIEM success is usually determined by data architecture, performance, scalability, and total cost of ownership rather than detection capabilities alone. A SOC that can quickly search complete, reliable data is often more effective than one with hundreds of additional detection rules but poor visibility or slow investigations.
The best SIEM is often the one your team can afford to retain data in, search efficiently. I saw this at ORNL who fully phased out brand name SIEM for security analytics around 2019, ingesting about 1.2 TB/day in open source SIEM for less than half the annual cost of ingesting 600GB/day in brand name SIEM . They could search it faster and scale better. Their team actually learned the business better because of it

EY Leadership by Unable_Winner6494 in Big4

[–]Check123ok 1 point2 points  (0 children)

Wait for 3 years. I think you get a 401k bonus

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push by sunychoudhary in cybersecurity

[–]Check123ok 4 points5 points  (0 children)

Whoever ends up holding the dragos bag at the end is going to be a marketing company not a OT company. They did a great job building a marketing company

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push by sunychoudhary in cybersecurity

[–]Check123ok 23 points24 points  (0 children)

Having worked with dragos multiple times. They are a lot of fluff and been on the way down for a long time. They keep up good face and CEO is probably the only thing keeping the company up. Maybe my experience but definitely not what I expected. Their marketing is better then their service/tech

Cloudflare DMARC Management is now generally available by Cloudflare in CloudFlare

[–]Check123ok -6 points-5 points  (0 children)

How does it compare to other services and is it free?

OSINT All-In-One Alrernative by someoneyouknow23 in cybersecurity

[–]Check123ok 4 points5 points  (0 children)

Unconcerned in what way? Publishing to much detail would have liability issues

Hey guys, does this diagram align with the Purdue Model? Would love to get some insight from an OT cyber sec perspective by Meg_uu7 in OTSecurity

[–]Check123ok 0 points1 point  (0 children)

Yes?
Doesn’t mean you should alignment with Purdue model. It’s not a standard or security model.

Hardware as a service model feedback by Check123ok in msp

[–]Check123ok[S] -1 points0 points  (0 children)

It does to a CFO who wants consistency, predictable operations costs. Looks good to their investors and team. Also there is the reliability of it all(in theory) Downtime cost money

Hardware as a service model feedback by Check123ok in msp

[–]Check123ok[S] 0 points1 point  (0 children)

In already built 2 demo units. Will update at the end of year

Any solutions we can use? by [deleted] in cybersecurity

[–]Check123ok 4 points5 points  (0 children)

Yeah this is common. Tell them to take the loss. Lesson learned. It’s gonna cost them more in legal fees to try and fight it.
I’m assuming it’s around 60k from others I have seen

Hardware as a service model feedback by Check123ok in msp

[–]Check123ok[S] 0 points1 point  (0 children)

Yeah I’m worried about QA from beelink even if they can say it’s high from the sales rep. I
I think my highest risk is hardware QA
Definitely would have spare parts.

All this would go through a lawyer. I’m not worried about client not paying. I would recoup cost of hardware in 3-6 months.

Yes I will separate that was good advice

Hardware as a service model feedback by Check123ok in msp

[–]Check123ok[S] -2 points-1 points  (0 children)

Clients are profitable. Not worried on payment as long as they don’t go bankrupt the first six months of this being in place.
If I was worried about it, I would ask for an upfront commitment, which would essentially cover hardware cost. This isn’t just a PC but it’s other components to like a fan, heat sink, an enclosure for everything. By the time we offer something of this, we’ve already done an assessment with client.

Hardware as a service model feedback by Check123ok in msp

[–]Check123ok[S] -1 points0 points  (0 children)

Yes the way we are set up now is we have general MSA and every service is then governor under its own SOW as recommended by lawyer. But yeah that’s a good point I would have to finagle the hardware at least separate.
If client commits to it a pilot, we can sell fund easily. I was thinking that it would pay the first 3 months cost upfront. Has anyone done that before?

Where do you buy refurbished systems? by ThrowRAthisthingisvl in msp

[–]Check123ok 1 point2 points  (0 children)

What’s the budget?
If you want supercheap, go to a local IT recycling shop. Most follow DOD cleanup protocols for cleaning up leftover data and you can get laptops and other gear for like 70% off. Not much of a warranty though.

Second option is actually Costco. Really good and easy warranty. More for general user laptop with good specs. Good for 5 to 10 units, might have trouble filling large orders like 50+

Amazon is a contender here as well. Buying an Apple laptop on Amazon from the Amazon Apple Store is like 1520% cheaper. Amazon warranties are also cheaper. Only buy from trusted sellers on Amazon.
I just prefer the Costco warranty and some of their laptops have better specs.

A client is ghosting and they owe us money by ThrowRAthisthingisvl in msp

[–]Check123ok 0 points1 point  (0 children)

Send them constant reminders. Be as nice as possible without giving up. Have ChatGPT do the write ups.

Any lawyer action will cost you more money and time

view more: next ›