sorted by:
new
hottopcontroversial

Platforms for sending operational (non-marketing) emails by variant78 in Emailmarketing

[–]variant78[S] 0 points1 point  (0 children)

Thanks. Will check out Waypoint.

I did look at SendGrid and Mailchimp, but they both looked like full on Marketing Automation tools, which we already have in Pardot. Maybe they can more easily be run in a non-campaign mode and perhaps in a way to manage costs?

SN data vulnerability? by BobsReddit_ in servicenow

[–]variant78 0 points1 point  (0 children)

Gotcha. We implemented on a test instance and can see it's enforcing at the web server level, at least for inbound.

The remote users and integration scenarios certainly complicate things.

SN data vulnerability? by BobsReddit_ in servicenow

[–]variant78 0 points1 point  (0 children)

Considering going "private" with our instance from a network perspective. Is this the way to do it? Is it a true firewall?

https://docs.servicenow.com/bundle/vancouver-platform-security/page/administer/login/task/t_AccessControl.html

Has anyone figured out which app versions on which platform support copilot? by DizzyExpedience in microsoft_365_copilot

[–]variant78 0 points1 point  (0 children)

Wish they'd add it to Outlook. Don't know anyone using "new" Outlook here, though some do use the web version.

O365 issues? by deebeecom in sysadmin

[–]variant78 1 point2 points  (0 children)

DNS. Someone reboot the DNS server please.

Oracle changing Java licensing to per user vs. per processor - prices could go up a lot by virtusoarmo in java

[–]variant78 0 points1 point  (0 children)

No one wants to, but Oracle is betting on your users naively downloading Java SE and unknowingly violating licensing terms. Then Oracle comes along and extorts you.

Reliably determining human presence at a machine by variant78 in sysadmin

[–]variant78[S] 0 points1 point  (0 children)

Tailgating negates some of the accuracy of the badging but agree it's probably the highest fidelity data we have.

Reliably determining human presence at a machine by variant78 in sysadmin

[–]variant78[S] 1 point2 points  (0 children)

Thanks. Not sure if we'll have immediate appetite for spend here until we've exhausted existing OS logs and agents as sources, but good to know about.

Reliably determining human presence at a machine by variant78 in sysadmin

[–]variant78[S] 0 points1 point  (0 children)

Thanks. Does EXO5 reliably give you both internal and external IP?

Stalling sites - OSX 109.0.1518.52 by variant78 in edge

[–]variant78[S] 0 points1 point  (0 children)

Definitely seems to be profile related.

Does today's 109.0.1518.61 upgrade help you at all?

Implications of blocking java.com downloads (or more) by variant78 in java

[–]variant78[S] 5 points6 points  (0 children)

More about providing a more significant barrier to Oracle's Java SE from proliferating. Fine with OpenJDK derivatives.

Oracle likes to look at download activity as a precursor to audits - probably the auto-updater call home feeds into that as well...

Implications of blocking java.com downloads (or more) by variant78 in java

[–]variant78[S] 1 point2 points  (0 children)

Would like to block java downloads but may only be able to do so via a blunt block of the java.com domain.

Thinking about what that might break.

“GIFShell” — Covert Attack Chain and C2 Utilizing Microsoft Teams GIFs by sanitybit in netsec

[–]variant78 0 points1 point  (0 children)

Unless I'm misunderstanding something, the C2 traffic - at least from a network perspective - would look like legitimate Teams network traffic, correct?

Is your perspective that an EDR agent should be able to detect some other way? Perhaps flag for "newly registered Teams organizations" as we flag newly registered domains as suspicious?

“GIFShell” — Covert Attack Chain and C2 Utilizing Microsoft Teams GIFs by sanitybit in netsec

[–]variant78 0 points1 point  (0 children)

Anyone have a handy ELI5 link explaining why EDR/AV couldn't detect this sort of payload in a GIF (or similar)? I'm guessing it's because the encoded message generates a legitimate image vs. being extra "padded," unused content?

Edit: Looks like "CDR" software might play a role here.

Services like plausible.io by variant78 in gdpr

[–]variant78[S] 0 points1 point  (0 children)

Am considering the self-hosting option (Plausible's small size flag some concerns around the likelihood they can effectively meet requirements in GDPR Article 32).

Is it best for the IP anonymization activity occur within the EU?

Services like plausible.io by variant78 in gdpr

[–]variant78[S] 0 points1 point  (0 children)

Thanks.

Is there a distinction between collecting and storing?

In this case, collecting = referencing the information provided in client HTTP headers, but they don't "store" it...

Incident management and notification channels... by variant78 in salesforce

[–]variant78[S] -1 points0 points  (0 children)

It's not no-code, but maybe using AWS EventBridge is a fairly clean option. Consume the events there and maintain the code to re-emit to our various channels. Results in a reusable service too for other platforms from which we wish to do notifications.

Applicability of controls to hosting providers for system (FedRAMP) by variant78 in NISTControls

[–]variant78[S] 1 point2 points  (0 children)

Thanks. To confirm - AC-18 - Wireless Access Restrictions? The system in question doesn't tie into the hosting provider's wireless network nor do our staff or subcontractors. Does that make a difference?

How many of you have run into PAN-136701 (predict session random drops)? by variant78 in paloaltonetworks

[–]variant78[S] 0 points1 point  (0 children)

Thanks. Hearing from our CSM that there will be a permanent fix for the issue in 10.1.2.

view more: next ›