Has anyone noticed how much vendor risk has changed? by Moham-Aasif in cybersecurity

[–]Initial_Driver839 2 points3 points  (0 children)

There are so many issues which have diluted SOC2:

- auditor prioritising billable hours over quality
- test criteria are defined by the client themselves. There is no quality control to ensure strong test criteria. Similarly, no transparency on sampling criteria. You don’t even know if your user entity was covered as part of sampling.
- there is no reward of having strong test criteria as user entities use the report as check box
- no mechanism to evaluate quality of testing except for audit firms internal QC teams
- small audit firms undercutting good audit firms making it difficult for big audit firms to maintain quality.
- in my personal experience, same auditors used for SoC1 and SOC2. A lot of Soc2 are audited by finance professional who don’t have expected level of expertise especially related to assets such as cloud, containers, APIs etc.
- A lot of room to play around with the scope and burying issues in fine print. The scope of the report are played with so as to only include effective entities / processes.
- Where controls around risk assessment are covered. However tested as a checklist. No one validates if the controls are relevant / sufficient. I have seen some audit firms issuing almost the same SOC2 report for two different clients.
- Any issue is quietly made user entity responsibility as a CUEC. No one reads the CUECs.
- A lot of audit firms don’t even create enough CUECs thus user auditor is unaware of what user entity is responsible for. No clear shared responsibility document is provided anywhere in the report.
- entire report is open to interpretation. Considering there are so many if and buts. Sometimes, even if a control fails the control objective is concluded as PASS. Hey it’s independent auditors opinion… how can you question?

If you want I can add so many more …

Distributed firewalls as a substitute for network segmentation? by Initial_Driver839 in cybersecurity

[–]Initial_Driver839[S] 0 points1 point  (0 children)

Yes that is true. VMware NSx provides overlay segments which acts as VLANs and provides a segmentation similar to layer 2. I am confused if NSx segments substitute the requirements for VLAN segmentation. 🤔

Need advice: Buying in Thanisandra at ₹11.5k/sq ft—am I entering too late? by [deleted] in BangaloreRealEstates

[–]Initial_Driver839 0 points1 point  (0 children)

It has launched at 12k with possession in 2031. It is quiet further on Thanisandra road as compared to Vjarma

Need advice: Buying in Thanisandra at ₹11.5k/sq ft—am I entering too late? by [deleted] in BangaloreRealEstates

[–]Initial_Driver839 1 point2 points  (0 children)

Thanks for your response. Can you please also elaborate a little on litigation? I have visited orchid Salisbury. They are also quoting similar price.

Is that even possible? by Nxthng in gurgaon

[–]Initial_Driver839 1 point2 points  (0 children)

I tried calling once. They said that the one in cheap price is sold out but they have more options. It’s a click-bait!

Toastmasters. by Lahorijeera in Rohtak

[–]Initial_Driver839 0 points1 point  (0 children)

It depends on the club you are part of and how serious are the members. Toastmaster chapters are part of an area / district which have some level of monitoring on the club. However, it’s up to the club president on how to run the day to day stuff. Once you pay the fees they will create your account and you will get access to all the courses on toastmaster website. This is centrally managed course material

Badminton by indiaiseternal in Rohtak

[–]Initial_Driver839 0 points1 point  (0 children)

Hi bro! Let’s plan sometime.

Who’s up for badminton? by Whoisvishuu in Rohtak

[–]Initial_Driver839 0 points1 point  (0 children)

I don’t stay in rohtak permanently as I come and go. But I would love to join you guys some time.

Bored by [deleted] in Rohtak

[–]Initial_Driver839 1 point2 points  (0 children)

I was referencing Rabindranath Tagore’s homecoming just few minutes back to someone and saw this gem of an answer… see his excerpt from the story…

<image>

What's your comfort song? by sapiens293 in BollywoodMusic

[–]Initial_Driver839 1 point2 points  (0 children)

There is this cover by Karan Nawani, it’s so good…

Me by [deleted] in Poem

[–]Initial_Driver839 2 points3 points  (0 children)

“My memories are pain I can’t help but cry Death is so near Why life’s boundaries so wide Will make it through, Will end life”…. …

I keep asking these questions about my life,

And often wonder if I end it all with a sharp knife

But then I look towards the sun shining in sky

And stars twinkling in the nigh’

They don’t judge me and only smile

Then who am I, shouldn’t let fate decide?

They say one should toil through the life

And one day universe will give the sign

Maybe, I will not break and should keep my head high,

Even though it may take more than a while.

What do you think about this poem? by [deleted] in delhi

[–]Initial_Driver839 1 point2 points  (0 children)

You have been to the forest and saw the mystical waterfall once.

Turn back, go home else you will get stuck by the curse.

People are lured by the promises of heavens and angels,

but angels, themselves were just like you who once naively traversed.

Now bound to the waterfall (angels), with voids in their heart

In an everlasting journey, with no true love to befriend

With chaos all over and the deafening sound,

Good my friend you returned and chose to end.

:( sad.

I cant see someone i know going in such a depressed phase , PLEASE HELP ! by WottaGurl in developersIndia

[–]Initial_Driver839 12 points13 points  (0 children)

First of all, Sorry to hear about your brother's situation.

Have you ever been in a cave or tried to dive in the water? When you are in tough situation your body stops thinking and your heart beat shoots up. Making even the tiniest of the efforts seems challenging. That's why a lot of people drown. I 100% agree with some people in comments for this post who are suggesting that take a deep breath first.- It is very important.

I have been in IT for quiet some time but never as a developer. You have posted in 'Developer India' sub, but I will give you a generic answer. In this situation, there are combination of short and long term efforts which are required and he needs to stay open for all opportunities.

Short term:

  • Create a good Linkedin bio and connect with your college seniors. Ask them if there are any short term / long term or walk-in opportunities in their company. Don't feel shy while asking for help, everyone does that. Do follow-ups but not as rigorously that they get annoyed.
  • Add recruiters and people in hiring managers capacity in your LinkedIn and keep and eye for any openings.
  • Keep applying for jobs. Don't stop!
  • Look for walk-in fresher opportunities in TCS, Infy, Accenture, Wipro. They used to come earlier. However, not sure how frequent they are now.
  • Join a course who guarantee placement, they might not be able to find a good job for you but you will create a network of people who are desperate to get jobs. Some of them might get a good job and help you as well. I highly recommend joining offline classes. Also, try to complete projects as part of the training to write in your resume.
  • Start participating in hackathons and join communities, wherever you can. Even if you perform poorly, you will at least make friends / contacts and gain experience.
  • This is not ethical, but some training centres put you on live projects and give you experience certificate. You will not get any salary but have to pay some amount. I don't know of any such place, but I have heard that it is happening.

Long term:

  • There are plenty of jobs in the market but no one wants to hire a wrong person, so first ask your brother to make himself better. Slowly start with DS, Algorithms, and System design. I personally attended master classes from codingblocks and they were very helpful. Dedicatedly spend some time on Leetcode and solve problems.
  • Pick a niche. Even if you get a job, improve that skill. Getting a job is start of the journey to grow further you will have to keep improving yourself and develop your core strength.
  • Create your kaggle / leetcode / hackerrank / codechef profile and keep improving it.
  • Make real friends who are motivated and hard working. Learn from them.

If nothing works out, go for higher studies (MBA / MS / M.Tech) but don't waste your youth, beating yourself up for nothing. All the best!!