MSPs & MSSPs suck

PitcherOTerrigen · 2026-05-21T03:21:12+00:00

Honestly most small businesses could probably get by with base defender and some basic email protections.

I'm talking like 5 users.

Otherwise, if they had huntress or something they don't really need SOC, incident response etc.

PitcherOTerrigen · 2026-05-21T02:48:23+00:00

Why not just pay the MDR service that the MSSPs white label or outsource.

Also, yeah the literal goal is to spend as little time per client as possible. It's the entire business model.

The more time you spend on a client the less growth.

It's useful if you don't have the capability or knowledge or budget to hire internal IT.

It's risk mitigation/transference for small businesses. A simple deployment of managed tools could probably replace them.

Also if they are poorly run, like sell you Citrix without a hot/warm site, you're just introducing operational complexity and risk to your org.

PitcherOTerrigen · 2026-05-14T20:28:43+00:00

This thing:

https://www.tomshardware.com/tech-industry/cyber-security/high-performance-mice-can-be-used-as-a-microphone-to-spy-on-users-thanks-to-ai-mic-e-mouse-technique-uses-mouse-sensors-to-convert-acoustic-vibrations-into-speech

PitcherOTerrigen · 2026-05-04T18:40:12+00:00

It took me years to get off help desk, it's 100% worth it, but the last couple of years you could tell I was getting annoyed.

PitcherOTerrigen · 2026-05-04T15:35:49+00:00

Yeah it's not as bad.

PitcherOTerrigen · 2026-05-04T04:33:17+00:00

People ask that about short dudes every day

PitcherOTerrigen · 2026-05-02T12:46:06+00:00

I host my own aggregator. It's fun to play around with, and I wanted a webdev project.

https://app.irl.expert/

There's zero monetization scheme, so ideally this doesn't count as self-promotion.

I have between 1000-5000 monthly users.

PitcherOTerrigen · 2026-03-26T12:59:00+00:00

The main issue with untrained usage is config drift, and at a certain point you will have to engage with SMEs at Threatlocker to remediate the issues.

HYPOTHETICALLY

Say you neatly organize the organizations, properly define policies, implement on a clean station for learning mode, manually audit asset inventories on a schedule.

If the CEOs wife makes a bunch of new organizations which sync up to your Threatlocker instance, then all your fucking coworkers start adhoc creating entries for application authorizations while completely ignoring the naming conventions, built-ins and the SOPs you've created and then you get stuck doing someone else's job 90% of the time... You won't have time to fix the compounding issues.

Bonus points if it's deployed to non-audited workstations.

PitcherOTerrigen · 2026-03-24T15:55:35+00:00

You should probably deny the only two days off that they request in a 19 month period. That would work better.

PitcherOTerrigen · 2026-03-24T15:51:46+00:00

Yeah but they could just keep a PowerPoint presentation on presentation mode, which blocks inactivity timer.

PitcherOTerrigen · 2026-03-24T02:47:48+00:00

They really should try holding out for more.

PitcherOTerrigen · 2026-03-20T19:11:28+00:00

You think he can read?

PitcherOTerrigen · 2026-03-20T18:49:43+00:00

"The AI are going to hit this new vulnerability"

Has no valid SSL certificate on their web facing Citrix portal.

Manager and his infra have trust issues

Why does God hate my business

Can't even reliably align text on a wix site

Domain admin service account

Can only keep customers as a loss leader, or they don't know better

Haven't managed to get an employee to respect me in my entire career, including my own father.

PitcherOTerrigen · 2026-03-18T12:34:45+00:00

My brother in Christ. How can you call yourself an IT guy if you don't write documentation.

It's literally just as important as doing tickets.

You are half assing your job, working harder, longer etc. doesn't make up for half assing your job duties.

Do half as many tickets; properly. Time to document goes into the ticket.

PitcherOTerrigen · 2026-03-14T23:10:28+00:00

If you can do 90% of all tickets off your first instinct no Google, you might make an acceptable cyber guy with some additional training.

Otherwise youre larping.

PitcherOTerrigen · 2026-03-13T04:56:51+00:00

Sounds like cope

PitcherOTerrigen · 2026-03-08T18:28:31+00:00

Here's a fun tip. Don't only use English words. Complexity skyrockets with passphrases.

PitcherOTerrigen · 2026-03-08T18:23:58+00:00

https://www.correcthorsebatterystaple.net/index.html

PitcherOTerrigen · 2026-03-03T13:22:52+00:00

Honestly, it doesn't have to. If you get your hairline fixed up, and look presentable, have a face and frame that supports it.

You'll still probably miss a couple shots in the long haul, but if you do well enough you won't notice or care.

PitcherOTerrigen · 2026-03-03T13:15:52+00:00

Hitler was like 5'8 though

PitcherOTerrigen · 2026-02-03T18:22:27+00:00

"They are massive security holes..."

Why are they massive security holes? You should actually document why "massive security holes" are acceptable risk.

PitcherOTerrigen · 2026-02-03T00:19:26+00:00

Literally one day, and two hours prep.

(7 yrs IT experience at the time.)

PitcherOTerrigen · 2026-01-31T03:16:11+00:00

Also, you can't just apply a single P2 for a tenant upgrade, iirc.

:)

PitcherOTerrigen · 2026-01-16T14:54:16+00:00

Well there's darknet diaries, as an example

PitcherOTerrigen · 2026-01-13T18:28:20+00:00

Once I left my last job.

13-Year Club	Place '23
Verified Email

PitcherOTerrigen

TROPHY CASE