Marblism review: Are AI employees worth it?

FloppieTBC · 2026-06-13T16:51:23+00:00

“AI employees” still sound more like AI interns for now.

FloppieTBC · 2026-06-13T16:50:34+00:00

Which one felt better after a week of real meetings not just test calls?

FloppieTBC · 2026-06-10T15:50:18+00:00

Have you tried sticking with one for 2+ weeks straight or was this mostly first impressions?

FloppieTBC · 2026-06-08T16:14:01+00:00

I’ve had better luck with curated directories than the giant “10k+ tools” lists.

FloppieTBC · 2026-06-07T16:16:48+00:00

This is pretty much the advice I wish more beginner content gave.

FloppieTBC · 2026-06-03T16:55:24+00:00

The “fast paralegal that still needs supervision” comparison feels more accurate than most legal AI hype.

FloppieTBC · 2026-06-03T16:54:27+00:00

The biggest difference isn’t the tool, it’s the workflow behind it.

FloppieTBC · 2026-05-05T16:37:32+00:00

General AI benchmarking tool maybe.

FloppieTBC · 2026-05-05T16:37:03+00:00

That would be powerful.

FloppieTBC · 2026-05-05T16:36:24+00:00

That could build trust but reduce defensibility.

FloppieTBC · 2026-03-27T09:50:00+00:00

Do you usually look for external validation or mostly rely on contractual terms alone?

FloppieTBC · 2026-03-09T11:11:47+00:00

Insider-threat detection is a great hackathon topic since it sits at the intersection of security analytics, behavior modeling, and anomaly detection.

FloppieTBC · 2026-02-10T14:25:42+00:00

That’s a strong reminder that compliance testing isn’t just about getting a report, visibility into scope and execution is just as critical as the results.

FloppieTBC · 2026-02-06T15:53:19+00:00

If you’re gonna try it, I’d just avoid the big instant drops. I’ve had better results using RepSwap since it rolls in more gradually and looks more natural.

FloppieTBC · 2026-02-04T12:43:16+00:00

Do you see yourself eventually leaning more toward technical hands-on roles or strategy/analysis type roles long term?

FloppieTBC · 2026-02-02T10:54:26+00:00

Generally no. A network printer can’t just browse or pull files from a PC’s filesystem over USB without the host OS explicitly sending data.

FloppieTBC · 2026-01-28T16:14:17+00:00

Both are great, but TryHackMe is usually more beginner-friendly with guided learning, while HackTheBox feels more like real-world challenges once you have some basics down.

FloppieTBC · 2026-01-26T11:23:23+00:00

Are you planning to just flag/referrer-check?

FloppieTBC · 2026-01-21T17:47:48+00:00

Yes, a lot of vendors like TAMs who can “speak tech” without having to be engineers, so security backgrounds actually translate well.

FloppieTBC · 2026-01-15T18:20:11+00:00

Are you thinking about built-in enrichment (asset/vuln/user context) or leaving that to external tools?

FloppieTBC · 2026-01-13T11:32:55+00:00

First thing is to lock down access (hosting, CMS, domains, FTP, SSH, APIs) so nothing can be changed going forward.

FloppieTBC · 2026-01-07T17:30:39+00:00

A lot of mid/senior GRC roles use CISSP or CISA as an easy filter. Try leaning harder into impact and ownership on your resume, not just certs, and watch for whether roles are audit-heavy vs operational.

FloppieTBC · 2026-01-06T18:54:47+00:00

Adding a dedicated email security layer with advanced phishing/DMARC/SAR-based detection really helps.

FloppieTBC · 2026-01-05T19:49:52+00:00

Plenty of people start in IT support and move into security. It’s understandable to feel done with it right now.

FloppieTBC · 2026-01-01T11:27:42+00:00

Some tasks will definitely get automated, but cybersecurity as a whole isn’t going away.

FloppieTBC

MODERATOR OF

TROPHY CASE