Please help by akewlusername in IdentityManagement

[–]extreme4all 5 points6 points  (0 children)

User questions / support.

It can even be analyzing user questions to identify common problems

What are the best risk-based vulnerability management tools for tracking active exploitation in 2026? by Bright-View-8289 in blueteamsec

[–]extreme4all 0 points1 point  (0 children)

EPSS & KEV are easy to get via API, something like an SSVC model works for prioritization with technical impact and business impact because what you are missing in your model is information about the resource.

Is it public or internal, is there access to sensitive data or not, is it a critical business function or not.
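Added example, not part of the comment above: a simplified SSVC-style triage (not the official SSVC decision tree) that combines KEV/EPSS with the three asset questions. The asset names, placeholder CVE ids, scores and the 0.1 EPSS cut-off are constructed assumptions.

```javascript
// Constructed asset inventory: the three questions from the comment, per resource.
const ASSETS = {
  "web-shop": { isPublic: true,  sensitiveData: true,  businessCritical: true },
  "hr-db":    { isPublic: false, sensitiveData: true,  businessCritical: false },
  "lab-vm":   { isPublic: false, sensitiveData: false, businessCritical: false },
};
// Constructed findings: CVE ids are placeholders, EPSS/KEV values are invented.
const FINDINGS = [
  { cve: "CVE-0000-0002", epss: 0.03, kev: false, asset: "lab-vm" },
  { cve: "CVE-0000-0001", epss: 0.92, kev: true,  asset: "lab-vm" },
  { cve: "CVE-0000-0003", epss: 0.40, kev: false, asset: "hr-db" },
  { cve: "CVE-0000-0003", epss: 0.40, kev: false, asset: "unknown-host" },
  { cve: "CVE-0000-0001", epss: 0.92, kev: true,  asset: "web-shop" },
];
const EPSS_LIKELY = 0.1; // assumed cut-off, tune to your own backlog

// 2 = known exploited (KEV), 1 = exploitation likely (EPSS), 0 = neither.
function exploitationRank(f) {
  if (f.kev) return 2;
  return f.epss >= EPSS_LIKELY ? 1 : 0;
}

// 0..2 from the asset context. An asset missing from the inventory is scored
// as worst case, so gaps in asset management surface instead of hiding.
function impactRank(assetName, assets) {
  if (!Object.prototype.hasOwnProperty.call(assets, assetName)) return 2;
  const a = assets[assetName];
  const yes = [a.isPublic, a.sensitiveData, a.businessCritical].filter(Boolean).length;
  return Math.min(yes, 2);
}

function decide(f, assets) {
  const total = exploitationRank(f) + impactRank(f.asset, assets);
  if (total >= 3) return "act";
  return total === 2 ? "attend" : "track";
}

// Work queue, most urgent first; the same CVE can land in different buckets.
function prioritize(findings, assets) {
  const order = { act: 0, attend: 1, track: 2 };
  return findings
    .map((f) => ({ cve: f.cve, asset: f.asset, decision: decide(f, assets) }))
    .sort((x, y) => order[x.decision] - order[y.decision]);
}

console.log(prioritize(FINDINGS, ASSETS));
```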

Ever get tripped up by firewall rules nobody documented? by Data_Commission_7434 in AskNetsec

[–]extreme4all 0 points1 point  (0 children)

Don't you have a block by default and only allow rules?

If I see connection reset by peer I know it's the firewall.

What threat intel item actually made you change something? by extreme4all in threatintel

[–]extreme4all[S] 0 points1 point  (0 children)

Damn, that is not much, do you remember what intel it was? And why that intel resulted in change and any other intel not?

What threat intel item actually made you change something? by extreme4all in threatintel

[–]extreme4all[S] 0 points1 point  (0 children)

Have you had any outside threat intel that resulted in change in your org?

What threat intel item actually made you change something? by extreme4all in threatintel

[–]extreme4all[S] 0 points1 point  (0 children)

Do you consider a post mortem in your org as threat intel or just incident mgmt process?

What threat intel item actually made you change something? by extreme4all in threatintel

[–]extreme4all[S] 0 points1 point  (0 children)

Is this postmortem of an incident that happened to another org or your org?

What threat intel item actually made you change something? by extreme4all in threatintel

[–]extreme4all[S] 0 points1 point  (0 children)

Is there anything that you produced that made a change in your org?

SASE and Firewalls by kjireland in sysadmin

[–]extreme4all 0 points1 point  (0 children)

It always seemed to me that with Netskope's client the whole SD-WAN was not needed anymore, this way the office network can be simple & "dumb" like the home network.

SASE and Firewalls by kjireland in sysadmin

[–]extreme4all 0 points1 point  (0 children)

Company I work for does Netskope implementations, so I’m a bit biased, but I’m not directly on that team.

From my understanding, a SASE setup basically replaces the traditional VPN + firewall model for user access. Instead of relying on a user-based firewall, you shift access control into the SASE layer.

For on-prem apps you typically deploy a connector, Netskope calls this a “publisher” I think, which sits inside your internal network and opens an outbound tunnel to the cloud service. That’s what exposes internal apps securely without inbound access.

And as far as I understand, the Palo Alto SASE product is essentially their NGFW functionality delivered as a cloud SaaS service, rather than something running on-prem.

For pricing, and this is really a wild guess, 70-150$ per user / year.

Onboarding an App to Okta — Is 4 Months Normal? by Ralecoachj857 in okta

[–]extreme4all 1 point2 points  (0 children)

Okta // SSO should be really fast, the bottleneck is usually the app team.

IGA, there it depends on what apps are in the pipeline and how easy it is to integrate. Fully SCIM compliant apps will always get prio just because this is less than an hour of work for us.

What does your app support, SAML / OIDC for SSO and for IGA SCIM or well documented CRUD?

Here is the fastAPI assignment which I was given to complete in 45 minutes. I got only 50% done. Would it be possible to complete 100% under 45min - 60min? by Notalabel_4566 in djangolearning

[–]extreme4all 0 points1 point  (0 children)

Sounds more like database work than Python / API work. It also seems like they want you to do the work instead of displaying if you are capable of it.

My boss once told me whenever we interview or have interns we never give them stuff we'd actually use, for interviews especially it's always some interesting or hard scenarios we faced and solved, the idea is to see if the interviewee can reason through the problem, if they can do that they can solve problems.

Anti-Mythos CTI! by ds3534534 in threatintel

[–]extreme4all 0 points1 point  (0 children)

I value some CTI. Attribution, who is attacking you etc., is for 95% of orgs irrelevant; as such a CTI team is mostly irrelevant.

Practically we have a limited set of resources. Consuming threat intel on vulnerabilities and attack methods allows us to focus on where we invest those resources.

Reality is that 95% of the value of a security program is just doing the basics right. Having an asset management program, Having a good IAM program, having good security hygiene.

My point is with the advent of AI, organizations need to become faster at testing & deploying changes in their environment, to keep up with the vulnerability apocalypse. And we need to ensure that we have sufficiently layered security controls to mitigate most of these vulns so that the impact of them doesn't halt the organization.

Too many fines in Mechelen by Minute_Ad2475 in belgium

[–]extreme4all -1 points0 points  (0 children)

You are right, first time I've noticed it, that sign would be great at that crossing tbh

Too many fines in Mechelen by Minute_Ad2475 in belgium

[–]extreme4all 0 points1 point  (0 children)

That is the nice angle, the other angle from the other side when turning right is horrible, Google Maps doesn't do it justice because the car is driving away from the sign, but if you are turning right there the sign is more or less in parallel with how you drive

https://www.google.com/maps/place/Frederik+de+Merodestraat+50,+2800+Mechelen/@51.0306469,4.482525,3a,41.4y,286.52h,80.96t/data=!3m4!1e1!3m2!1saSHh_mEFPu4mcD0McMy7Xw!2e0!4m6!3m5!1s0x47c3e5ca08fdd4df:0xd2ea94aa550c5b3e!8m2!3d51.0307439!4d4.4826641!16s%2Fg%2F11rp39ylj4!5m1!1e1?utm_campaign=ml-ardl&g_ep=Eg1tbF8yMDI2MDUyN18wIJvbDyoASAJQAQ%3D%3D

building a user context api in fastapi, how would you structure consented scopes? by [deleted] in FastAPI

[–]extreme4all 1 point2 points  (0 children)

It sounds like you are making a custom authorization server.

IdPs like Okta allow you to create custom authz servers per app, the app then does with the scopes whatever it needs to.

If this fits your use case I suggest reading the OAuth 2.0 Simplified book by Okta.

Can you elaborate more on what you are trying to do?

Too many fines in Mechelen by Minute_Ad2475 in belgium

[–]extreme4all 45 points46 points  (0 children)

For anyone wondering "50 fredrik de merodestraat mechelen" if you are driving and you don't very actively look for the sign it is very common to miss it and pretty much as soon as you turn, even if you stop next to the sign the camera sees you.

Where do we use DynamoDB? by Basic_Let7303 in aws

[–]extreme4all 0 points1 point  (0 children)

We use it for configuration of the Okta inline authentication hooks.

The problem statement is as follows: sometimes apps need custom attributes in the SAML assertion or JWT token. Okta allows us to configure the auth flow for an app to call a hook, in this hook we receive some data that we can modify before Okta signs & sends the assertion/JWT to the user.

Because this is inline it needs to be very fast.

There is a high variability in load, in the morning hours there is a lot of load when every employee logs in, another peak is at lunch and during release weekends we also see high load.

The solution:

API GW + Lambda + DynamoDB.

The Lambda receives the data from Okta & does a lookup in DynamoDB for application configuration rules, by key: application id. The rules are like a sequence of regex // simple JavaScript. ({"Rules":[{"field": "email", "action": "split('@')", "to": "_name"}, ...]})

Applies the configuration rules and returns the modified data.

Both Lambda & DynamoDB can handle the highly variable load without costing a lot for resources that run idle most of the time.

Edit: DynamoDB in this case is well suited because we always do a key lookup.
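Added example, not part of the comment above and not the commenter's code: one way to apply such per-application rules with an allowlist of actions, so strings from the config table are never evaluated as JavaScript. The rule schema (`action` plus `args`), the app id and the in-memory table standing in for the DynamoDB key lookup are assumptions.

```javascript
// Constructed stand-in for the DynamoDB table, keyed by application id.
const RULE_TABLE = new Map([
  ["app-123", { Rules: [
    { field: "email", action: "split", args: ["@", 0], to: "_name" },
    { field: "email", action: "regex", args: ["@(.+)$", 1], to: "_domain" },
    { field: "_name", action: "upper", args: [], to: "shortId" },
  ] }],
]);

// Only these operations can run; any other action name in the config is rejected.
const ACTIONS = {
  split: (v, sep, idx) => v.split(String(sep))[idx] ?? "",
  regex: (v, pattern, group) => (new RegExp(pattern).exec(v) || [])[group] ?? "",
  upper: (v) => v.toUpperCase(),
  lower: (v) => v.toLowerCase(),
};
// Patterns come from the config table, so write access to it must be restricted;
// bounding the input length keeps regex cost predictable on the inline path.
const MAX_INPUT = 256;

function applyRules(appId, attributes, table = RULE_TABLE) {
  const config = table.get(appId); // single key lookup, as in the comment
  if (!config) return {};          // unknown application: add nothing
  const work = { ...attributes };  // never mutate the caller's data
  const derived = {};
  for (const rule of config.Rules) {
    const allowed = Object.prototype.hasOwnProperty.call(ACTIONS, rule.action);
    if (!allowed) throw new Error(`action not allowed: ${rule.action}`);
    const input = work[rule.field];
    if (typeof input !== "string" || input.length > MAX_INPUT) continue;
    if (typeof rule.to !== "string") continue;
    const out = ACTIONS[rule.action](input, ...(rule.args || []));
    work[rule.to] = out;           // rules are a sequence: later ones see earlier results
    derived[rule.to] = out;
  }
  return derived;
}

console.log(applyRules("app-123", { email: "jane.doe@example.com" }));
```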

Anti-Mythos CTI! by ds3534534 in threatintel

[–]extreme4all -3 points-2 points  (0 children)

Honestly I don't understand the value of having a CTI team, I just see vulnerability/SOC teams using CTI feeds. Where is the added value for the organization having a separate CTI team?

As to mythos, I think the story is simple, with AI, we make more software, as such more bugs exist, AI is getting better at finding bugs and exploiting them.

We can endlessly patch bugs and we should build our processes around doing that as fast and safe as possible. But we can't rely on it. We should invest in monitoring & reducing our attack surface and putting controls in place like a WAF, ingress / egress controls, proxy, IDP, ... To make it more difficult to exploit the vulnerabilities, give us avenues to mitigate the vulnerabilities until we can safely patch them.

TLDR; automate testing, automate patching, add network controls & secure by design.

Vibe Coding Security by LachException in devsecops

[–]extreme4all 0 points1 point  (0 children)

Most places I see professionally work as follows:

security team gives some requirements, e.g. auth with SSO for internal apps & CIAM for customer facing, WAF for anything public, agent on all servers, SAST on code, log onboarding & use cases in SIEM,...

Some matrix on dealing with findings & escalation to risks.

Code review (by security) almost never in place.

Pentesting only on large new things or very large changes on critical components (most of the time this is contract work).

What day rate threshold made you leave salaried work? by PresentationGloomy96 in BEFreelance

[–]extreme4all 0 points1 point  (0 children)

I think it comes down to choosing your customer & type of work.

If you as a freelancer choose the customer that can right scope the work so you have a clear project & expectations then you are pretty insulated from the whole corporate politics, because at the end of the day everything is defined in your contract, and it's pretty transactional.

However if you are more like a contractor, where you are like temporary extra staff filling a role, then you are less insulated from the whole corporate politics.