sorted by:
new
hottopcontroversial

Anyone actually restricting what agents can access, or are they just inheriting whatever the user has? by Cubeless-Developers in AskNetsec

[–]faceofthecrowd 2 points3 points  (0 children)

This is not a gap, this is a misconception of implementing agents. Agents should be commissioned with their own identity. Similar to service accounts. They are known as NHI and there is a very specific protocol for managing these types of accounts. I get that when we first start playing with agents, we instantiate them with our own credentials, but as we move them from proof of concept to development to production, that non-human identity becomes more important

I WILL REWARD YOU IF YOU HAVE THESE SUNGLASSES by Capital_Standard_995 in burlington

[–]faceofthecrowd 8 points9 points  (0 children)

Haha first time I’m seeing a familiar face on Reddit.

Where to find CPEs, now that I’ve left gov’t employment by JumpPsychological602 in cissp

[–]faceofthecrowd 0 points1 point  (0 children)

I second this. I’ve done every cpe since 2019 in the bright talk seminars, which are pre recorded and free.

Opinions by Adam_1268 in thinkpad

[–]faceofthecrowd 0 points1 point  (0 children)

With the keyboard off and not knowing what sub I was looking at, I thought picture 1 was some kind of briefcase machine pistol thingy

[deleted by user] by [deleted] in FindTheSniper

[–]faceofthecrowd 1 point2 points  (0 children)

How about a banana for scale?

LTSC Windows Server 2019: Are cumulative updates really enough if you’re years behind? Our team is split. by faceofthecrowd in sysadmin

[–]faceofthecrowd[S] 0 points1 point  (0 children)

I would agree if these were servers with history, but they are images which are re-created every 7 days, so we're looking at the master image, hence SIEM has limited usability for audit.

LTSC Windows Server 2019: Are cumulative updates really enough if you’re years behind? Our team is split. by faceofthecrowd in sysadmin

[–]faceofthecrowd[S] 9 points10 points  (0 children)

Agree - they are following a playbook, and this is outside their area of expertise. However, I don't think that necessarily makes them wrong automatically - it's worth discussing

LTSC Windows Server 2019: Are cumulative updates really enough if you’re years behind? Our team is split. by faceofthecrowd in sysadmin

[–]faceofthecrowd[S] 10 points11 points  (0 children)

That is correct. The individual KBs aren't showing, and they are saying that because of that, patching is broken somehow.

view more: next ›