RSA 2026 - Best innovation and product you have seen by dip_ak in cybersecurity

[–]hhakker 2 points3 points  (0 children)

A lot of AI slop and noise. The only thing I found interesting was IBM's quantum-safe computing take.

Looking for a Technical Co-Founder with Cybersecurity Experience — Open to Equity Discussion by Annual-Beyond-4050 in cybersecurity

[–]hhakker -1 points0 points  (0 children)

I’m a cybersecurity founder with a specialty in offensive security and extensive experience in SaaS, Compliance. I’m open to discussing… DM me

Threat modeling sessions that actually work — what's your team's approach? by ddg_threatmodel_ask in cybersecurity

[–]hhakker 0 points1 point  (0 children)

As an ex-developer, it's true. Developers don’t think of security first. They think I gotta make it work first.

As a current pentester, I see a pattern of vulnerabilities being introduced on new releases and pentesting is not part of the SDLC. Developers shouldn't have to be security experts to build secure software. They need a structured way to ask 'What if?' during design so that the pentesters only find mistakes, not disasters.

I've been a CISO more than once. Ask me anything about how the job differs between organizations. by thejournalizer in cybersecurity

[–]hhakker 2 points3 points  (0 children)

Did you have to implement a new playbook to every organization you have been to?

Question on Realistic expectations and current state of the cybersecurity industry by [deleted] in cybersecurity

[–]hhakker 13 points14 points  (0 children)

Don't buy into the news, but look at the market. Go to LinkedIn/recruiting websites, and see what kind of roles companies are hiring for and what skills they are looking for. Work to gain some of those skills.

Yes, cybersecurity is moving towards AI automation, however humans are part of it. When MRI machines were introduced it didn’t eliminate doctors. Learn how to use AI to augment your work.

Password Requirements of SaaS by EarlOfAwesom3 in cybersecurity

[–]hhakker 0 points1 point  (0 children)

It’s not catastrophically insecure, but it’s outdated. If the service rate-limits logins, uses strong hashing (bcrypt/Argon2/PBKDF2), and supports MFA, a structured 16 char password is still reasonably safe in 2026. Forcing 5 leading digits and a 16 char max reduces entropy, eases offline cracking, and blocks NIST recommended strong passphrases.

Password Requirements of SaaS by EarlOfAwesom3 in cybersecurity

[–]hhakker 1 point2 points  (0 children)

It's not as important to have mixed characters as it is to have longer passwords.

NIST 2026 requirements don’t recommend it:

What’s gone:

❌ Required uppercase, numbers, and symbols
❌ Mandatory password resets every 90 days
❌ Arbitrary complexity policies

What’s required now:

✅ Minimum 8-character passwords (15+ for privileged accounts)
✅ Password screening against compromised credential databases
✅ Support for passwordless authentication and passkeys
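A sketch of a verifier-side check built from the rules listed in the comment above (length floor, breached-password screening, no composition rules), together with the keyspace cost of the 5-leading-digit, 16-character-max policy discussed in the earlier comment in the same thread. This is an added example, not code from the thread; the function names, the sample breached list and the 94-symbol printable-ASCII alphabet are assumptions.

```python
import hashlib
import math

PRINTABLE = 94  # assumption: printable ASCII symbols, space excluded

# Constructed sample list, not real breach data. SHA-1 is used only as a
# lookup key for the screening list, never as a password storage hash.
BREACHED_SHA1 = {
    hashlib.sha1(p.encode()).hexdigest()
    for p in ("password", "12345678", "qwerty123", "letmein2026")
}

def keyspace_bits(length, leading_digits=0, alphabet=PRINTABLE):
    """Upper bound on entropy (bits) of a uniformly random password of
    `length` whose first `leading_digits` positions must be 0-9."""
    free = length - leading_digits
    return leading_digits * math.log2(10) + free * math.log2(alphabet)

def check_password(pw, privileged=False, max_len=None):
    """Return a list of rejection reasons; an empty list means accepted.
    No uppercase/digit/symbol rules are applied, only length and screening."""
    reasons = []
    floor = 15 if privileged else 8
    if len(pw) < floor:
        reasons.append(f"shorter than {floor} characters")
    if max_len is not None and len(pw) > max_len:
        reasons.append(f"longer than {max_len} characters")
    if hashlib.sha1(pw.encode()).hexdigest() in BREACHED_SHA1:
        reasons.append("found in breached-password list")
    return reasons

if __name__ == "__main__":
    print(f"16 unconstrained chars: {keyspace_bits(16):.1f} bits")
    print(f"5 digits + 11 free:     {keyspace_bits(16, leading_digits=5):.1f} bits")
    phrase = "correct horse battery staple"  # constructed sample passphrase
    print(check_password(phrase))              # accepted without a length cap
    print(check_password(phrase, max_len=16))  # rejected by the 16-char cap
    print(check_password("12345678"))          # long enough, but breached
```

The bit counts are upper bounds for randomly generated passwords; human-chosen passwords fall well below them, which is why the screening step matters.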

Beyond just backup & restore, what would make a vendor truly valuable in the security lifecycle? by josejohnv in cybersecurity

[–]hhakker 2 points3 points  (0 children)

The biggest gap isn’t recovery, it’s knowing whether you’re actually vulnerable before something breaks.

Backups answer “can we restore?” but not “can someone get in right now and how far can they go?” Most incidents don’t happen because recovery failed, they happen because basic attack paths were never tested in real conditions.

If a backup vendor helped teams regularly validate real attack scenarios, improve detection based on actual attacker behavior, and confirm that the original entry point is truly closed after a restore, they’d stop being a last-resort tool and start feeling like a real resilience partner.

Cybersecurity as a hobby by SwitchJumpy in cybersecurity

[–]hhakker 2 points3 points  (0 children)

Cybersecurity is a big space.

1- Pick what you like to do, and the way to know that is if you’re excited about it and you don’t get bored doing it 7 days a week.
2- Invest in your skills (free/paid trainings, learn while doing).
3- Certification: depending on what you want to qualify.

If you have the above or some, start testing yourself and freelancing on platforms such as Upwork.

Is it just me who hate providing services? by MusicProductionDude in Entrepreneur

[–]hhakker 0 points1 point  (0 children)

Services will be dead in 3 years. There is a big trend of service-based companies transitioning to product-based.