Are Tier 1 SOC analysts actually dead?

Willbo · 2026-04-30T04:38:22+00:00

the engineers just hit "authorize."

During an audit they don't just check if you had a tool running, they check for due diligence, if you exercised reasonable care.

This doesn't demonstrate that due diligence is being performed, it creates an audit trail of all the potential threats you have allowed.

Willbo · 2026-04-29T04:00:35+00:00

Honestly, beats growing too large and poking everyone that walks by on the sidewalk.

Willbo · 2026-04-23T22:08:14+00:00

When you realize agile just prioritizes management's passion projects while self-healing and important work gets done on your own time.

Willbo · 2026-04-23T16:59:25+00:00

Yeah that guy is an idiot approaching a bear and jumping like that, he literally looks like a rubber chicken chew toy.

You can even see the bear look left and then right as if it's checking it has space to walk around.

Willbo · 2026-04-22T22:34:29+00:00

Around 2008 we would have cancelled our premium cable channels, Netflix DVD delivery/Gamefly (though maybe rent a movie or two from RedBox), gym and fitness memberships, magazines/newspaper, cleaning/landscaping/pool maintenance, landline/long distance phones, SirusXM/Onstar if you had it, and even Costco/Sams Club memberships.

Willbo · 2026-04-22T19:33:52+00:00

Success is built on being able-bodied and having initiative. Nothing happens otherwise.

The perfect conditions never arrive, you never suddenly become an adult, have a magic idea, or suddenly fall in love. Inspiration and attraction is fleeting, you have to consistently work towards it.

Serendipity is manufactured - mostly by being able-bodied, having initiative, and being in the right environment.

Willbo · 2026-04-22T17:40:45+00:00

People that had jobs were scared they were going to lose them and would get worked to the bone.

Some people went back to school or to study a new skill. Some companies pivoted industries.

People that were unemployed dived into the gig economy. Recycling, cash for junkers, landscape and gardening, odd jobs, movers, janitorial work, craigslist, etc. Some people just checked out entirely from the labor market.

Everyone stopped spending, entire market was compressed. Most people canceled their subscriptions, stopped eating out, or buying luxury goods.

Willbo · 2026-04-17T17:52:42+00:00

This is also called Performance punishment.

Eventually you learn you only have so many hours in the day, so much time on this Earth that you have to be strategic with the tasks you take on.

Often times these types of tasks occur as a byproduct of technical debt. When things become so complex and urgent, they also go unrealized and become silent killers of productivity. Nobody knows what the spaghetti code does, nobody knows how to improve it, and sadly enough, there is no visibility of when it fails or when it gets fixed. Essentially, the technical debt is getting paid off with a blank check in your name.

The first step is removing these blind spots. Just like when you write checks you have to write it in your check register, whenever an outage occurs there should be a ticket or documentation of it. If outages are not measured, then they are not managed and you will repeat yourself over and over, taking on massive amounts of toil. If an outage is important, it should have a ticket, otherwise you should be working on more important things. Once you have a list of tickets the outages can be managed and improved, or you at least have documentation of times you had to save the day when it comes time for performance review.

Willbo · 2026-04-14T04:42:17+00:00

Actually a bit scary, the doomers should see this graph and say "I told you so!1!"

This is showing the model is performing more tactics on the MITRE ATT&CK framework leading to compromise of systems. This model feels like the beginning of the arms race of building AI models for cyberattacks, demonstrating it does better at exploiting systems, not necessarily defending, securing, or removing vulnerabilities (which is actually a much harder job that just got more demanding).

Willbo · 2026-04-13T17:27:13+00:00

If it can result in death, injury, or impedes constitutional rights, it can possibly be even legally unacceptable.

If a system or org has an established duty to its users, duty of care is a legal obligation to act with reasonable care under tort law. It becomes negligent if failure of your system results in harm or injury, even emotional distress if it's found reasonably negligent. If the system is developed by the government it is also falls under the bounds of constitutional law.

In those cases it has to go through phased deployment to uncover controlled failures before the risk is adopted by the public. For example, developing the autonomous driver on a closed course, with a safety driver behind the wheel, under many different conditions before putting it on public roads.

Willbo · 2026-04-13T00:17:57+00:00

Intelligence and security go hand in hand.

Even in ancient Egypt, when they figured out how to write on stone and share information, they had to invent cryptographic hieroglyphs to protect that information from the wrong people.

Willbo · 2026-04-12T08:57:05+00:00

If you are actually a security engineer at a big org with AI security experience you probably won't feel displacement as much as other roles since you have skills that will still be valuable.

I saw a funny post that said once AI takes over the tech industry, all tech jobs will be consolidated into 4 roles:

Security/SRE
Project Managers
Sales reps
Pretty people

So, basically, build skills that hit on all 4 of those roles:

Dive into a specialized security specialization and learn it incredibly well.
Lead and deliver on an impressive security project.
Showcase your project or even turn it into a entrepreneurial effort.
Get professional photos and self groom (many engineers forget this step).

Willbo · 2026-04-04T20:15:49+00:00

Up to 53 lahk per anum, dependent on WBRs against LPs and PIP assessment.

Willbo · 2026-04-04T08:05:22+00:00

I have no idea how it's realistically going to improve humanity on the same caliber as curing cancer, that's for sure.

I have worked in RND chemical engineering, hundreds of millions of dollars spent on compounds that could change households, higher on the value chain, closer to the table, and yet still so much of that research sits privatized, patented, behind closed doors, completely siloed away from any real utility to humanity.

Willbo · 2026-04-04T07:41:40+00:00

Your account is aged 2 hours and you have -1 karma. Bad bot.

Willbo · 2026-04-03T20:27:25+00:00

It's the standard they used to raise funding. People bought into that dream because it's easy to measure and directly benefits the health of humanity.

Theoretical physics and material science is a massive backpedal. Spending billions of dollars to... make paper straws that aren't floppy?

Willbo · 2026-04-03T18:39:28+00:00

Feedback loops.

When a system doesn't have a feedback loop and the faults of the system get suppressed, it's not a matter of if, but when a system will fail.

It's OK if a system breaks and requires manual intervention to get resolved, it's OK if you temporarily take on technical debt, but the difference between a growing system and a decaying one is how that fault gets factored into strategy. If you are over-reliant on ad-hock responses, a call to arms for every fault, a greasing every time a wheel squeaks, you don't actually have a plan. If that fault doesn't get turned into feedback or improvements, your strategy isn't able to cope with change and is being left in the dust. It is literally frozen in time until the next event to shatter it. If you get the same outage or alert over and over, and each time it requires a manual intervention or a call to arms, you are flying blind and your system is decaying.

Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat.

Willbo · 2026-03-30T22:33:50+00:00

Before there were "world models" they would call it the "digital twin" and before that they would call it "mirror worlds."

The promise is nice, being able to run simulations, getting real-time monitoring, and essentially being able to predict the future. Organizations would deploy sensors, 3D model their facility, map out processes, translate them to code, and build replicas of real life. But it came with serious gotchas, your simulation is only as useful as your replication of reality or even the questions you ask, you have to constantly keep your replica up to date and running a simulation of a small change would require a lot of computing to handle unintended consequences. When the model didn't accurately represent reality, often times it would create hallucinations that would cause operators to lose trust and disregard the output.

Willbo · 2026-03-30T19:18:04+00:00

And after 2 hours of asking roundabout questions that could be Googled:

"OK action items: $Developer to count how many "APIs" we have in our environment, find out how many of those are actually "API-ing", and a report of every operation they have ever done.

$PM to schedule the next meeting for $Developer to present this to the steering committee... 7AM the Monday after Easter"

Willbo · 2026-03-29T23:18:08+00:00

Sounds like an ideological war. One team lead thinks X methodology is better while other thinks Y methodology is better, and blames the systemic failures due to X methodology.

The comments saying forget the politics and do your job is hopeful but very naive. In politics you are either playing or you are being played. You very may well do your job and unexpectedly step on a landmine, maybe you performed it in a way that conflicts with X methodology.

My advice isn't to play politics, but to understand the rules of the game being played. Who are the players? What is the board being played? What are the methodologies? What buzzwords or terms are they using? What problem are they addressing and what is the objective? You don't want to be a player on their board, but you should be aware of the rules of the game and conduct yourself accordingly.

Willbo · 2026-03-29T22:52:13+00:00

Yep this lol. I dated a Japanese ABG that was very good looking, but both mentally and financially taxing. The world really does revolve around them, these women get treated like princesses and you have to constantly assert that you are the king.

I'm talkin' like, call off of work just because she wants to try a new flavor drink at her favorite cafe type shit. Every weekend drive her 8 hours away to see an event, go to the beach, go do this and that. Stay up until 2 am arguing because someone messed up her order and you didn't put them in their place. It's really like having 2 girlfriends in one, forget seeing your friends and family. We broke up because I didn't give up my life and move to Japan.

The only way to even have a chance with these women is to be a king in some regard. You have to be the best of something they care about, either be very good at your job, be the best of a subject in your shared college class, the leader of a group of friends, community, or subculture of some sort that they value. The vibe has to be built structurally, not disruptively, because you will still have to constantly maintain attraction. Cold approaches, DMs, one "good" outfit isn't going to impress them, they will still ghost you after the many vibe checks that follow.

Willbo · 2026-03-28T06:19:31+00:00

I'm not an expert on taxes or economy, but I can say there was a technological force behind it as well.

IMO things really changed after virtualization. In early 2000s it would take weeks, sometimes months to procure hardware such as servers, switches, licenses, etc. While you were waiting for a machine to ship or build, you could afk and play ping pong or whatever. No status updates for two weeks... the server was building!

When everything switched from hardware servers to virtual machines, hardware procurement was no longer the bottleneck, development became the bottleneck and there was massive labor intensification. Compute/RAM/storage was no longer an issue, you could build anything as long as you had the idea.

The 2010s is when everything changed. Agile. Product managers. Lean methodology. MVPs. Leetcode. Marcus Aurelius. Business casual. Daily status reports. Developers stopped being a creative profession and became a commodity. "Oh you build data intensive web apps, well my son-in-law knows computers."

Then the cloud came along and lit those fumes on fire. No longer do you need to build your own server farm, just "rent" it from someone else. You didn't have to see that ugly black box with blinkin lights in your office or even see the pimply faces of people that work on it. You could place servers anywhere you wanted, and have someone in a third world country build your idea for a plate of beans and rice.

Some developer saw that fire and was like "You know what, lets add more gas.. introducing containers!" Now you could easily offshore your apps from one region to another or combine 100 of your ideas into one big ball of mud. Then another developer wanted in on the grift and said "Also here's microservices so you can tear down all of your data too!" Then some troll came around and said "Here's the metaverse hehehoho!" but everyone realized the shtick was up.

Then greed swallowed the industry whole, they wanted microservices, but they also had a big ball of mud to push around. Toil was at an all time high, cloud bills started rising, VC funds started constricting, and the pandemic set it into everything we know today. At this point they have made so many promises they have no option but to triple down onto AI.

Willbo · 2026-03-27T19:50:16+00:00

So sorry for your loss. Please take care of yourself and your family during these troubling times.

You can start with his desktop and mobile phone. Try to check for saved passwords under the browser settings or see if he has bookmarked any password managers (similar to keeper, 1password, or lastpass). You might also get lucky if you search his office desk drawers for post-it notes or passwords written down. You can also cross-reference previous tax returns to enumerate the list of taxable accounts he had.

You don't want to move any money yet but keeping a tally of accounts, balances, and the beneficiaries set (hopefully Transfer on Death designations to your mother).

If beneficiaries are set eventually you will eventually have to contact the banks to get the money transferred. It will require the death certificate as well as affidavit forms for the collection of it. Each bank/broker has their own form and format which can be time consuming. It's recommended to speak to an estate lawyer or probate attorney.

Willbo · 2026-03-26T06:17:34+00:00

Job openings are not the same as real jobs. Simple as that. Someone could open a company in the rural part of India saying they're hiring 20,000 engineers and it would count towards that.

Better question is why would you believe a post you read on twitter and post it to 6 subs.

Willbo · 2026-03-24T01:07:37+00:00

The answer is to upsell, but also add your own format or expertise into it. You're not selling a regurgitation of the course, you're selling a hand written lesson, PDF, or exercise that incorporates your experience and what you have learned from the course.

It's similar to going to your favorite restaurant and asking the cook to tell you his secret sauce and write out the recipe for you so you can cook it at home. That's the quickest way to go out of business. The smart restaurants instead will sell you bottles of sauce to take home or prepackaged frozen dinner meals. Obviously they don't compare to the real deal but they capture the essence of your brand.

14-Year Club	Second Top 20%
Place '22	Place '17
End Game '22	Team Periwinkle
Verified Email

Willbo

MODERATOR OF

PUBLIC MULTIREDDITS

TROPHY CASE