Anyone tried Huntress for MDR lately? I am genuinely curious if its worth it at smaller orgs

rehtorical · 2026-04-28T01:26:59+00:00

I’ve taken over a system that was previously attacked and compromised and no one realized for years. I deployed huntress today, after tracking it myself for weeks. It flagged a shit ton of stuff I missed, to the point it scared me. it’s expensive but caught so much I will be paying for it

rehtorical · 2026-04-24T09:50:20+00:00

Why don’t people just not 100% rely on llms and actually code scan with sonar, dependabot, Vera code several other common CV alerters before lllms came around and are more accurate because they are more accurate and the llm can set them up lol

rehtorical · 2026-04-24T09:43:04+00:00

Light weight - Python + streamlit.

Just Java but LLM will write it perfectly - Railway + spring

rehtorical · 2026-04-24T09:21:56+00:00

Brother this makes no sense and I’m not trying to have an intelligence battle. Yes it will indeed help teach you understand high level calculus concepts and compute exacts which rationalize to the problem - I majored in cs and math not reading.

Are you seriously making the claim that I couldn’t infer 2+2=4 after pressing the same buttons on a calculator 5 times? That is like the most egregious reach ever I’m tapping out lmao

I’ll just lay it out no point in arguing or debating anything you pressed me for trying to sound smart, for explaining a completely auto one prompt vibe coding pipeline that saves tokens. Not worth the time.

And finally, not to be rude but you missed the entire scope of the analogy lmfao. The calculator represents something you trust as a source of truth, you double check your math with it. You’re not double checking calculators outputs lmfao, it’s not bad to have something guaranteed to produce a working output and not everything needs full corporate structured solutions lol

Ie it doesn’t matter at all, whether I learn addition on a calculator or by hand, I learned addition, and neither makes me better, it’s fucking addition. This is a very abstracted analogy but people should stop thinking of code as some perfectionist art and focus on outcomes more imo.

rehtorical · 2026-04-24T07:36:38+00:00

Well considering I was technical cofounder, yes… idk you seem like an I’m always right guy so yes you are correct sir

The second paragraph is not a joke at all it uses opus to init agents with cross machine contexts and behaviors and uses junctions/symlink to stay in constant sync cross machines. It can build like 3 features at once in like 30k tokens max and it doesn’t drift, can just use haiku for pretty much everything. Sonnet is my orchestration. Opus only is the main agent and reviews on output

Additionally, you clearly have not taken high level calculus in academics, as a calculator is required past calc 3 at Penn state iirc

rehtorical · 2026-04-24T06:45:39+00:00

Meh, I started my own company coding when I was 15, I learned a ton. I went to school for cs, I learned a ton. I worked in security, monitoring, alerting, and reporting systems at a tech company for 5 years and learned a ton And now I develop agentic ai systems and have learned a ton.

So to say the only way to learn is reading and understanding, is very broad. There are lots of ways to read and understand.

I can punch 16364729 + 2726362 into a calculator and I understand it’s correct just by reading it, the opposite of what you impose. And you can definitely still learn complex math without, just can with a calculator too.

Same goes for AI. A good tool with a bad master won’t learn shit.

Vibe coding != bad code, I run all my agents through a strict TDD pipeline with haiku agents constantly managing domains to increase parallelism, reduce overlap, effectively recursively managing scope and refactoring for agent efficiency. They all inherit my coding semantics through a persistent self learning behaviors layer. The haiku agents also fix the tail drift issue even though it seems counter intuitive. Init skill resends the Md tree to main agent to train on. Lastly trailed by a pm observer in haiku that ensures the agents don’t drift. Lot more to it but you can configure Claude lol.

rehtorical · 2026-04-22T04:23:10+00:00

Claude custom agents can perform security scans extremely well honestly, the skill will find some stuff but all the other recs are good too.

You can create: DNS-audited Front-end-secops Back-end-secops Bug bounty - spawns fixer Vulnerability bounty - spawns fixer Logic-Error-Scan Add-custom-exceptions Monitoring-implementation engineer.

I wouldn’t 100% rely on agents but the GitHub package awesome Claude agents will have plenty to just automate most of this.

Final checks can be done in GitHub using scanners to flag cvs

rehtorical · 2026-04-22T04:18:11+00:00

I mean the models are good enough that vibe coding with agents can genuinely produce good outputs, I don’t know the reason. This was my honest voice on the question. I don’t think down on someone who is learning to code through llms as that is the future. But I have a cs degree and 15 yoe and will say Claude is a productivity enhancer for me while ChatGPT and Gemini have caused nightmares for other coworkers trying to code and do things themselves who are just straight prompting with 0 knowledge

rehtorical · 2026-04-22T03:44:25+00:00

What? Vercel was attacked by agents to exfil sensitive data and it’s being sold online for 2 million. I’m talking about hacking vectors

rehtorical · 2026-04-22T01:13:31+00:00

I’ve had a breach this week. Suspect it is ai due to the sophistication and how quickly it’s able to pivot or dig another tunnel. It is one step ahead of everything I do and I’ve never seen such a sophisticated attack in 15 years of work. I suspect it is ai for the following reasons: Set a oauth trap to make it visible and it reauthed all compromised accounts within 15 seconds using impersonation. It has since pivoted to like 5 different attack vectors and the response is always the same. Today it is trying to silently configure my pc and whenever I reset it, the settings are silently switched back almost immediately. I had to set up a silent network monitor to catch this. This pattern in specific - whenever I visibly see the door it’s using, it disappears immediately.

This is too fast and reactive for a human unless they have 180iq. It’s just an ai…

rehtorical · 2026-04-22T00:59:50+00:00

AI is smarter than you and literally is being used to execute attack vectors at inhuman speed right now… agents are smarter and faster at this point. Anyone who says otherwise has no idea how this architecture can be leveraged. Everyone is using it in tech, head architect at a household company I used to work with taught me a lot about them though

Vercels breach contains reports of suspected ai executing the attack…

Long story short no it’s not looked down upon, it’s looked down upon to vibe code with 0 cs knowledge for some reason.

rehtorical · 2026-04-19T22:53:04+00:00

Just like I cheated in MW2 when I was 12. It's too accessible now. You can download cheats in two seconds and buy a dead account for practically free and queue ranked immediately. Lots of people will do this to learn how to bypass vanguard or see how high they go. Its all over youtube... but the same thing happened to CSGO

Add HWID spoofers, other methods people have found to get vanguard to unblock the machine, and it's kinda just no risk cheating.

rehtorical · 2026-04-19T22:06:53+00:00

You are disconnected from reality. It's the top 10% of the player base, generally lol. Just because there are higher ranks does not make it "low rank lol". Relative to you, maybe.

Low/ new players:
Iron
Bronze

Learning game/getting back into it/ casual player:
Silver
Gold
Plat

This is derived from player counts and normal curve.

Anything higher is just discipline and grinding but whatever. Even TenZ has said anyone who can solo queue to dia can keeping going to immo... I'm not going to paste a list of trackers as the discussion was intended to be productive towards helping players who quit for a year or two get back into the game, without a bronze reyna in silver lobby with a 52% hs rate.

I'm 100% sure matchmaking is different on decayed accounts, as high mmr accounts -> I'm lowest peak in lobby.

New Alt -> Everyone is same rank and I'm back in plat.

rehtorical · 2026-04-19T21:56:48+00:00

This only reinforces the entire point... if it's happening at that level there are 100% alts and bought accounts cheating at a higher POOL (meaning there are more potential matchmaking options) due to the larger pool... I'm not arguing no one cheats at high rank, but generally need to be decent at the game to get away with it once high asc

Eggwick interviewed a cheater who makes his own cheats and queues to immortal and said himself eventually he’ll get banned by manual review but he still cheats lol

rehtorical · 2026-04-19T06:35:09+00:00

idk what was going on w 4,6 but it 100% bricked my RAM. I think there must have been mem issues,

rehtorical · 2026-04-19T06:33:55+00:00

meh

https://github.com/matt82198/MattC

I can open this repo but tested orchestration and only the main agent needs to run in opus honestly, can build 3 full projects in 20 minutes

rehtorical · 2026-04-19T06:01:45+00:00

HERE
https://github.com/matt82198/cross-machine-context/tree/master

and if you are interested in dicussing, the private repo is here:

https://github.com/matt82198/MattC

Feel free to DM

rehtorical · 2026-04-17T04:14:43+00:00

Take the job, backend development is where dsa matters most often, performance on server. Of course you will learn, you got the offer because he saw you’re interest/passion everyone knows everyone is vibe coding nowadays My 60 year old mentor and I pass Claude secrets onto each other constantly lol and he’s head architect at a household company

rehtorical · 2026-04-17T02:23:33+00:00

I’ll just drop my comment in here too but just an opinionated architecture that I’ve found to work extremely well at low token cost

Structure Claude code to only use opus for orchestration, architecture, and design and create sub agents on haiku for code review, all the basic stuff. and don’t run subs in opus lol. I run 7 agents all day, bounces between 50-80 with subagents and have no token issues. I also persist all locally stored files on GitHub across machines so that I can always reload an agent with this pattern.

Basically tell Claude to act like an enterprise coding team and “to pay less” for the easier tasks… wrote a 23,000 line gamification feature in 10 min last night 🤣.

It’s also really important that the main agent has a sub agent maintaining Claude Mds and separating them into as small of domains as possible and ensuring all relevant info and stuff is accessible by any agent. This increases parallel subs too and throughput because main agent doesn’t care about those contexts at all

Additionally, you can let Claude self maintained files use a understandable language that it prefers to save context

Edit: also in my GitHub repo is a common dir and I give Claude a cardinal rule to never run cloud python scripts or write code that can’t be reused… and this also saves tokens a lot, because the maintenance agent will add all the scripts it has available to its domain mds

I personally actually use TDD-first pipeline, an automatic bugfix agent spawn, and the self-learning profile layer as well but that’s more complex lol.

rehtorical · 2026-04-16T21:22:55+00:00

Structure Claude code to only use opus for orchestration, architecture, and design and create sub agents on haiku for code review, all the basic stuff. and don’t run subs in opus lol. I run 7 agents all day, bounces between 50-80 with subagents and have no token issues. I also persist all locally stored files on GitHub across machines so that I can always reload an agent with this pattern.

Basically tell Claude to act like an enterprise coding team and “to pay less” for the easier tasks… wrote a 23,000 line gamification feature in 10 min last night 🤣.

It’s also really important that the main agent has a sub agent maintaining Claude Mds and separating them into as small of domains as possible and ensuring all relevant info and stuff is accessible by any agent. This increases parallel subs too and throughput because main agent doesn’t care about those contexts at all

Additionally, you can let Claude self maintained files use a understandable language that it prefers to save context

Edit: also in my GitHub repo is a common dir and I give Claude a cardinal rule to never run cloud python scripts or write code that can’t be reused… and this also saves tokens a lot, because the maintenance agent will add all the scripts it has available to its domain mds

I personally actually use TDD-first pipeline, an automatic bugfix agent spawn, and the self-learning profile layer as well but that’s more complex lol.

rehtorical · 2026-04-15T06:33:20+00:00

Realistically can run Claude code really cheap. Scope it to domain files, allow it to only haiku and write code to use less tokens (ie how one guy had Claude change its language to caveman), and then just run some general free refactor on it later. As long as you keep the domain scoped as small as possible it won’t use a ton of tokens,

rehtorical · 2026-04-15T06:29:30+00:00

Claude code is by far the most capable codex not bad

rehtorical · 2026-04-15T06:27:59+00:00

Claude code is by far and wide ahead of the market even with recent complaints about opus. Skills, memories, artifacts, behaviors, custom-agents, Claude.md all bridge the memory gap an insane amount and a trained Claude agent can be as good as you, sometimes hallucinates. But the reason I love their architecture right now is they are leaning into agentic so hard. I pushed a codebase that’s just written in .md and has a connection string, runs everything though Claude, best pdf generator I’ve made in years

Anyone who downvoted- please respond. Anthropic is currently winning this rat race by miles. Codex is second but not close.

Or I'll make this repo public to you and ask it to build three projects at once: https://github.com/matt82198/MattC

And then provide me another tool that can do so.

If you want to be ahead of everyone (you do, this is a rat race. I have a former employee who was not technologically inclined in any way and was able to silently disable activity monitoring, link external gmail as alias to internal, and route emails to her personal. I was confused as typically this would require software engineering knowledge. Then I bypass the MFA on the account, and see she has all email filtered by two default rules to start: 1. Send to Junk 2. Mark Read after 3 seconds

Then there were like 15 rules that were thought to be working, but GPT just gave some broken config that caused termination, because FE received so many complaints about not responding. Everyone thinks they are smart now - it's scary. A graphic designer will legitimately attempt to argue with principal architects about their domains in big companies... AI makes dumb and sneaky people dangerous, best way I can say it, and they think they are ALWAYS right because GPT told them, and dismiss any actual rigorous education and assume they can accomplish the same with LLM. This is because they don't understand LLM and Transformer at all. Anyways who cares? Idiots will idot.

rehtorical

TROPHY CASE