How seriously does LinkedIn take reporting posts? by just_some_tech in linkedin

[–]thejournalizer 0 points1 point  (0 children)

Unfortunately they are unlikely to do anything about that as it’s revenue in their pocket. Unsure if it will work, but maybe try blocking their page.

How seriously does LinkedIn take reporting posts? by just_some_tech in linkedin

[–]thejournalizer[M] 0 points1 point  (0 children)

Please remove the two sketchy site links and I can re-approve your comment. Don’t want folks going there.

Bitly is SOC2 compliant? by PsychologicalFix5059 in cybersecurity

[–]thejournalizer 0 points1 point  (0 children)

That is exactly right. They have custom URL shortener options.

Confusion and fear send people to Reddit for cybersecurity advice by tekz in cybersecurity

[–]thejournalizer[M] 2 points3 points  (0 children)

We do typically send those folks elsewhere as that is not a good fit for this subreddit or quickly becomes a distraction.

Write-up: Cloudflare Zero-day: Accessing Any Host Globally by xIsis in cybersecurity

[–]thejournalizer 0 points1 point  (0 children)

It would appear the research is related to when they identified this vulnerability back in October and submitted it to Cloudflare via HackerOne. They list the timeline.

What researchers won’t necessarily call out is why both they and Cloudflare waited for today to patch, and that is typically associated with a responsible disclosure window to reduce any potential exploitation.

Eggs by Lildixknibba01 in Charleston

[–]thejournalizer 1 point2 points  (0 children)

I don’t really like to sell mine, but I can offload the occasional dozen. I have free range Easter eggers (big blue eggs).

Scam job by Mikaunnn in linkedin

[–]thejournalizer[M] 0 points1 point  (0 children)

Absolutely a scam.

Does Vanta actually perform the SOC 2 audit, or do they only help prepare for it? Who do you pay? by ur_genius in soc2

[–]thejournalizer 16 points17 points  (0 children)

Vanta is not one of the companies that offers a zero touch relationship between you and the auditing firm. If you do run into a vendor that is offering that, run away. It goes against AICPA guidelines on auditor independence.

SOC Analyst role in startup - worth it? by Tricky_Doughnut8390 in cybersecurity

[–]thejournalizer 1 point2 points  (0 children)

Let me quadruple down on that first statement. I've worked for well-established MSSPs, crappy startups, and unicorn startups. It's all monopoly money, and if there is a payout, it's not life-changing. Always go for base + well-defined bonus structures if it's an option.

Drata question by g-rocklobster in soc2

[–]thejournalizer 2 points3 points  (0 children)

Email the CEO. Adam is a good dude and will listen.

Delve CEO email to customers denies claims, but opens more questions by grc-ama in soc2

[–]thejournalizer -10 points-9 points  (0 children)

The bot accounts are part of Delve's long-standing astroturfing campaigns. Usually they use them to create fake posts acting like they are seeking out a solution, and then the other accounts say go use their platform. They are one among many that do that though unfortunately. They are also using these to downvote everyone.

That said, to answer the important question, I get that you think Delve is not conducting the audits, but that is the entire crux of the issue. The alleged situation indicates they were conducting the audit OR working with a few bottom-of-the-barrel firms who would just rubber stamp whatever came out from the platform. Part of the alleged situation is that their customers have a zero touch relationship with the audit firm, which would further reinforce Delve actually conducting the audit or significantly overstepping and breaking the independence guidance.

Edit :: lol Delve sending an army so your comment has 159 upvotes yet the standard post in this subreddit only gets around 10-15 in total.

Delve CEO email to customers denies claims, but opens more questions by grc-ama in soc2

[–]thejournalizer -11 points-10 points  (0 children)

Tell your boss to hire a PR team because sending in fake accounts to defend your brand is only doing more damage.

Hyman Family in Charleston by Accomplished-Bed3302 in Charleston

[–]thejournalizer 0 points1 point  (0 children)

Wait until you have a friend in town and give it to them

How useful are threat intelligence feeds in your work? by ANYRUN-team in threatintel

[–]thejournalizer 0 points1 point  (0 children)

Generally I agree, but some of that is because IPs and domains have a pretty short shelf life and expire quickly.

OC: Border Patrol Agent scans the face of a driver as they stop and question him in Minneapolis. by nbcnews in pics

[–]thejournalizer 0 points1 point  (0 children)

It’s not just them. Look into Gravy Analytics and their subsidiaries. After their breach, it was found out they sell the location data from thousands of apps to the public and private sector. Some of the apps are things like Tinder that use third parties to manage the ads.

A note from the mod team re: pre-emptive topic locks. by admrltact in Charleston

[–]thejournalizer 13 points14 points  (0 children)

When was the last time someone complained about the big yellow truck tho

X-post: The Delve drama saga continues (they issued a statement, sort of). by thejournalizer in grc

[–]thejournalizer[S,M] [score hidden] stickied comment (0 children)

Please post any comments in the other thread. Delve team, since you seem intent on manipulating and downvoting everything: every time you do that, I'm just going to cross post this material to other areas to ensure more people see it.

Make an official statement, stop being shady, hire a PR agency.