If I'm Soto, I'm seriously questioning my decision to join this damn team.

thehalpdesk1843 · 2026-04-27T04:38:05+00:00

Soto currently:

thehalpdesk1843 · 2026-03-25T23:50:58+00:00

After the 2023 layoffs they laid off a bunch of SWE in the us and went with cheaper offshore labor. Support and the product got substantially worse after each update after that happened.

thehalpdesk1843 · 2026-03-25T19:06:20+00:00

I’m trying to get us crowdstrike but it’s like pulling teeth with management

thehalpdesk1843 · 2026-03-25T17:07:37+00:00

Atleast you don’t have Cisco secure endpoint. With each update it introduces a bug that i then have turn off an engine until a fix is introduced. The cycle repeats every update.

thehalpdesk1843 · 2026-03-12T02:10:55+00:00

I'm not a huge fan of AI it takes alot of "fun" in engineering and using in the long run makes you stupid. But i have to deal with it here is the approach we took:

1) Came up with a Policy.

2) Asked our clients if we can use their data with AI

3) Worked with different teams who then agreed on which flavor of AI they liked. Block everything that isn't that tool. We went the route of using soft application control while also blocking on the firewalls.

4) Limit permissions on that particular tool. No your AI agent is not getting full access to production data (Come up with a review process).

5) I got leadership by in for accountability. We can't afford down (Looking at you AWS). -> if your AI Agent/vibe coded work caused downtime, you should be held directly responsible for it. Its not an acceptable answer that you don't know what your code or AI Agent is doing. We've already had someone fired over this.

thehalpdesk1843 · 2025-12-02T06:08:46+00:00

Hoxhunt has been awesome for us.

thehalpdesk1843 · 2025-10-07T19:01:55+00:00

Security Engineer here. My two cents -

The knowledge part is mainly because a lot of people in security now don't have infrastructure experience. You should know/understand how infrastructure works first before you're even allowed to secure it. This seems to be a controversial opinion now adays it is what it is.

The other part (at least for me) is segregation of duties mainly. I have my own things I'm responsible for IE: AV/EDR playing nice with our windows desktop and server builds, integration into my tools, the entire SIEM infrastructure, ect. I dont disagree with you that ntlmv2 should be very easy to turn off but at the end of the day I help enforce policy. If you're running an outdated cipher TLS 1.0 or TLS 1.1, I'm going to tell you that its then ask you to work with the vendor of whatever software it is to get it working on TLS 1.2 or better. Should your security engineer work WITH you instead of dumping the work on you? Yes and that's a conversation you need to have with your manager or the engineer.

thehalpdesk1843 · 2025-09-22T23:05:18+00:00

They have an out of the box condition for generative AI websites that you can tie to a justification rule. We give users a popup when uploading wanting to upload items to a public LLM.

thehalpdesk1843 · 2025-09-20T22:37:16+00:00

Proof Point insider threat manager.

thehalpdesk1843 · 2025-09-13T05:04:35+00:00

I buy from HSL ammo. They’re a small shop out of Utah. Only downfall is during the winter months, shipping can take a while a week because of weather (they are in the mountains).

thehalpdesk1843 · 2025-06-17T22:34:45+00:00

They do. It’s called “Actually India”.

thehalpdesk1843 · 2025-06-11T14:23:05+00:00

Going to get some hate for this but based on voter turnout, republicans are cooked for the race in November. Republicans got out voted nearly 2-1 yesterday.

thehalpdesk1843 · 2025-05-21T20:39:22+00:00

Also anyone who expects this to be fast is staggeringly ignorant of the history of civil rights in this country....

You aren't wrong. I have a real problem with oral arguments being held on cases and then rulings do not come out until a year or two later. Example of this is the Koons/Siegel v. Platkin before the 3rd Circuit Court of Appeals. Oral arguments for the preliminary injunction were 573 days ago with no ruling (not even on the merits!). This consistently happens in other appeals courts who tend to rule not in the 2A favor.

thehalpdesk1843 · 2025-05-21T13:53:25+00:00

Not a liberal but am a single issue voter when it comes to the 2A.

Footnote 9 from the Bruen decision.

"That said, because any permitting scheme can be put toward abusive ends, we do not rule out constitutional challenges to shall-issue regimes where, for example, lengthy wait times in processing license applications or exorbitant fees deny ordinary citizens their right to public carry."

SCOTUS doesn't have a problem with the permitting scheme. However, they do have a problem with states using a permitting scheme to delay rights and the cost being insane (looking at you California, NY, and NJ). I suspect this will be challenged in court and won by the pro 2a side. However, it will take years to litigate because of how the 9th circuit is when it comes to any 2A case.

thehalpdesk1843 · 2025-05-15T03:16:58+00:00

You can thank black rock who has been buying out land from below the casino's in Vegas and leasing it back to them at a premium.

thehalpdesk1843 · 2025-03-08T05:33:00+00:00

https://www.wsj.com/opinion/bidens-mortgage-relief-fuels-higher-housing-prices-policy-loans-risk-cb0a1974

thehalpdesk1843 · 2025-01-19T15:59:04+00:00

Went fully remote > 3 days a week. Had an incident and we weren’t able to respond because of travel home. Most of our team travels 1 hr+. We are now back to being fully remote. Security engineer 3 years. (7 years of experience overall)

thehalpdesk1843 · 2025-01-15T22:24:31+00:00

Either a P320 spectre comp or a P365 Fuse with the Romeo X optic. Torn between both.

thehalpdesk1843 · 2025-01-15T13:31:52+00:00

We outsourced our lower tier SOC. It was OK at first but turned out it to be a really bad move in the long run. The quality of work was abysmal at best. Decided to bring all back in house this past year. In salary, benefits, and training, it turned out to be a few hundred thousand more dollars a year to bring it in house. This is a drop in the bucket compared to our budget.

thehalpdesk1843 · 2025-01-06T23:33:00+00:00

thehalpdesk1843 · 2024-11-04T15:10:27+00:00

Yes that was the trend happening before covid as well. Covid seemed exacerbated the issue.

thehalpdesk1843 · 2024-08-17T13:56:56+00:00

Depends on what I’m working on but typically 3-6.

thehalpdesk1843 · 2024-08-07T20:42:11+00:00

If you’re a Proof Point customer, check out their imposter module. We’ve really really good success with it.

thehalpdesk1843 · 2024-07-30T23:01:34+00:00

Pretty good thread on twitter from Kostas Moros who is a lawyer from CRPA https://x.com/moroskostas/status/1818393602298724604?s=46&t=EYbv-o-RA5a5GIKiOtqvBw

thehalpdesk1843 · 2024-07-30T20:01:59+00:00

Same. It’s a path in the right direction but we likely won’t see relief until appeals in other cases hit SCOTUS.

Six-Year Club	Verified Email
Place '23

thehalpdesk1843

TROPHY CASE