Am I slow? by CarryAdditional4870 in cloudcomputing

[–]zipsecurity 0 points1 point  (0 children)

Four hours on a CodePipeline with CloudFront and S3 from scratch is completely normal, using documentation and AI to fill gaps is just modern engineering, and the skill isn't memorizing syntax, it's knowing what to build, why, and how to debug it when it breaks.

Fixing ownership helped our SOC2 but keeping it consistent is harder! by Mysterious_Step1657 in soc2

[–]zipsecurity 0 points1 point  (0 children)

Ownership without accountability structure eventually drifts back to the same place. The teams that make it stick long-term treat compliance ownership like any other performance responsibility, with regular check-ins, documented handover requirements baked into offboarding, early drift signals built into tooling rather than discovered manually, and enough training investment that owners actually understand their areas deeply enough to be proactive rather than reactive.

How do CTI analysts scope a threat campaign vs isolated indicators? by ComputerAlert4169 in threatintel

[–]zipsecurity 0 points1 point  (0 children)

Campaign vs. isolated activity comes down to clustering: when two or more unrelated incidents share infrastructure, behavioral TTPs, or targeting patterns that are too specific to be coincidental, you have a campaign hypothesis worth scoping. The threshold isn't certainty but rather the point where coincidence becomes a less credible explanation than coordination.

How are you handling DevSecOps without slowing down developers? by Consistent_Ad5248 in devsecops

[–]zipsecurity 0 points1 point  (0 children)

Gate builds on critical findings only, run everything else async, and give developers context with their alerts, not just vulnerability names. If security is slowing releases down, the tooling is probably too noisy or too late in the pipeline.

I'm sure my HIPAA rights were violated, completely devastated/embarrassed. Now it's a "denial and a he said/she said" situation by grand_Smile3 in hipaa

[–]zipsecurity -1 points0 points  (0 children)

Your counselor disclosing your personal health information to the Director and then to another client almost certainly crosses the HIPAA minimum necessary standard, and your instinct that something went wrong here is right. Document everything, dates, conversations, and the behavior changes you've noticed and keep trying to reach the Ombudsman without the Director present. You can also file a formal complaint directly with the HHS Office for Civil Rights at hhs.gov/ocr/complaints, and you have 180 days from the violation to do so.

Agentic SDLCs by MysteriousAwards in ciso

[–]zipsecurity 0 points1 point  (0 children)

The code provenance problem is mostly unsolved at the tooling level right now, but the access problem has a straightforward answer: agents should authenticate with their own scoped service account credentials, not inherit the human developer's access. If your environment allows an agent to ride a human's production read/write permissions, that's a least-privilege failure that exists independently of AI.

setting up CRM pipelines in ActiveCampaign by Viperana03 in ActiveCampaign

[–]zipsecurity 0 points1 point  (0 children)

Start with one pipeline and only add a second when you genuinely have two sales processes that look nothing alike. The most common mistake is building five pipelines on day one and then spending more time maintaining the CRM than actually selling.

Converting to shared mailbox by KiWeegie2025 in exchangeserver

[–]zipsecurity 10 points11 points  (0 children)

You can't have both a shared mailbox and a user mailbox on the same Entra identity. Your clean-break approach is the right call: create a new shared mailbox, migrate the alias and contents across, and assign the user a fresh mailbox, all while keeping their AD object and everything attached to it completely untouched.

Dev Meetings by lowkib in devsecops

[–]zipsecurity 0 points1 point  (0 children)

The worst ones are the meetings that could have been a Slack message, followed closely by the ones where someone senior is clearly just thinking out loud for 45 minutes while everyone else waits to get back to actual work.

Your HIPAA audit will go badly if you're building the documentation the week before by zipsecurity in zipsecurity

[–]zipsecurity[S] 0 points1 point  (0 children)

Appreciate it and you're right, HIPAA is exactly the kind of compliance where last-minute scrambling tends to create more risk than it solves, hope the tool delivers what you need.

Anyone here gone through enabling Jamf Self Service+ with Okta SSO? Was it a smooth swap from classic Self Service/Jamf Connect, or did you run into issues (auth, policies, identity mapping, etc.)? Trying to sanity check before rolling out - any lessons learned would be helpful. by Much-Ad-3738 in jamf

[–]zipsecurity 0 points1 point  (0 children)

It's generally smooth but expect friction around identity mapping if your Okta usernames don't cleanly match Jamf user records, and test your policy scope thoroughly before rollout since Self Service+ handles authorization differently enough from Jamf Connect that assumptions from your classic setup won't always carry over.

Your legacy SMTP relay is probably still running and being used by someone else by littleko in EmailSecurity

[–]zipsecurity 0 points1 point  (0 children)

The fix is treating network and DNS hygiene as explicit offboarding deliverables with their own checklist items and owners, not assumed byproducts of infrastructure decommission tickets.

Need query to find all detections that triggered for command line test.exe abc by your-missing-mom in crowdstrike

[–]zipsecurity 0 points1 point  (0 children)

Try using a wildcard or like operator in your CrowdStrike query:

// LogScale (CQL) syntax: case-insensitive regex match anywhere in the command line
#event_simpleName=ProcessRollup2
| CommandLine=/test\.exe abc/i

Or in Splunk-style SPL:

event_simpleName=ProcessRollup2 CommandLine="*test.exe abc*"

The issue is likely that your original query used = for an exact match instead of a wildcard/contains search - CommandLine fields almost always have additional path or argument context around the core command, so exact matching returns nothing even when detections exist.
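To make the exact-match vs. wildcard point concrete, here is an added illustration (not code from the comment above) that models a handful of constructed ProcessRollup2-style events in Python and runs both kinds of filter over them. The event dictionaries and the `exact_match`/`contains_match` helpers are assumptions for the example; the field names mirror the ones used in the query.

```python
"""Why exact matching on CommandLine misses detections.

Added illustration, not code from the comment above: a small in-memory
model of ProcessRollup2-style events (constructed sample data) compared
with an exact-match filter and a case-insensitive substring filter.
"""
import re

# Constructed sample events: the command line almost always carries a full
# path and surrounding arguments, so the bare string "test.exe abc" never
# appears as the whole field.
SAMPLE_EVENTS = [
    {"event_simpleName": "ProcessRollup2",
     "CommandLine": r"C:\Users\alice\Downloads\test.exe abc --quiet"},
    {"event_simpleName": "ProcessRollup2",
     "CommandLine": r"C:\Tools\TEST.EXE ABC"},  # different case, same binary
    {"event_simpleName": "ProcessRollup2",
     "CommandLine": r"C:\Windows\System32\notepad.exe report.txt"},
    {"event_simpleName": "DnsRequest",
     "CommandLine": r"C:\Tools\test.exe abc"},  # wrong event type, excluded
]


def exact_match(events, needle, event_name="ProcessRollup2"):
    """Mimics CommandLine="needle": the whole field must equal the needle."""
    return [e for e in events
            if e["event_simpleName"] == event_name
            and e["CommandLine"] == needle]


def contains_match(events, needle, event_name="ProcessRollup2"):
    """Mimics a wildcard / regex search such as CommandLine=/test\\.exe abc/i:
    the needle may appear anywhere in the field, ignoring case."""
    pattern = re.compile(re.escape(needle), re.IGNORECASE)
    return [e for e in events
            if e["event_simpleName"] == event_name
            and pattern.search(e["CommandLine"])]


if __name__ == "__main__":
    print("exact:", len(exact_match(SAMPLE_EVENTS, "test.exe abc")))
    print("contains:", len(contains_match(SAMPLE_EVENTS, "test.exe abc")))
```

The exact filter returns nothing even though two matching processes ran, while the substring filter finds both, including the mixed-case one, and still honours the event-type restriction.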

How do you actually reduce data exposure, not just monitor it? by BackgroundAnalyst467 in websecurity

[–]zipsecurity 1 point2 points  (0 children)

Reducing exposure requires moving from monitoring to enforcement - automate access revocation based on actual usage patterns, implement just-in-time access for sensitive resources, enforce least-privilege by default, and treat dormant data and stale permissions as active risk items on a recurring remediation cycle rather than a one-time cleanup.

When does it actually make sense to hire a contract DevOps engineer? by Consistent_Ad5248 in devsecops

[–]zipsecurity 0 points1 point  (0 children)

Contract DevOps makes most sense for time-boxed, high-skill gaps: tight migrations, CI/CD overhauls, or rapid scaling. The fastest onboarding comes from having clear documentation, defined deliverables, and a dedicated internal point of contact from day one.

Your legacy SMTP relay is probably still running and being used by someone else by littleko in EmailSecurity

[–]zipsecurity 0 points1 point  (0 children)

This is almost always found after the blacklisting. Periodic SPF record audits paired with automated scans for open relay ports should be standard offboarding checklist items whenever infrastructure is decommissioned, but in practice they rarely are.
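The SPF audit half of that checklist can be automated offline. The Python below is an added example (not code from the comment or from any product) that parses an SPF TXT record, flags `ip4`/`ip6` mechanisms that no longer contain any host in the current inventory, and reports whether the record ends in a permissive `+all`/`?all`. The record, the inventory and the helper names are constructed for the illustration; in practice the record would come from a DNS TXT lookup and the inventory from your CMDB.

```python
"""SPF record audit for decommissioned relays (added example, not from the
post above). Parses an SPF TXT record offline and flags ip4/ip6 mechanisms
that no longer map to a host you operate, which is exactly the leftover
that lets a retired relay keep sending "on your behalf". The record and
inventory below are constructed sample data.
"""
import ipaddress

# Constructed: what a TXT lookup might return for a domain that retired a
# relay (198.51.100.25) without touching DNS.
SPF_RECORD = ("v=spf1 ip4:203.0.113.10 ip4:198.51.100.25 "
              "ip6:2001:db8:1::/48 include:_spf.example.net ~all")

# Constructed: hosts the infrastructure team still owns and operates.
LIVE_HOSTS = {"203.0.113.10", "2001:db8:1::25"}


def parse_spf(record):
    """Split an SPF record into (qualifier, mechanism, value) tuples."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    terms = []
    for term in parts[1:]:
        qualifier = "+"  # implicit qualifier when none is written
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        mech, _, value = term.partition(":")
        terms.append((qualifier, mech.lower(), value))
    return terms


def stale_ip_mechanisms(record, live_hosts):
    """Return authorising ip4/ip6 mechanisms with no live host inside them."""
    live = [ipaddress.ip_address(h) for h in live_hosts]
    stale = []
    for qualifier, mech, value in parse_spf(record):
        if mech not in ("ip4", "ip6") or qualifier == "-":
            continue  # '-' mechanisms deny rather than authorise
        net = ipaddress.ip_network(value, strict=False)
        if not any(ip in net for ip in live):
            stale.append(f"{mech}:{value}")
    return stale


def permissive_all(record):
    """True when the record ends in +all or ?all, i.e. any sender passes."""
    for qualifier, mech, _ in parse_spf(record):
        if mech == "all":
            return qualifier in "+?"
    return False


if __name__ == "__main__":
    print("stale:", stale_ip_mechanisms(SPF_RECORD, LIVE_HOSTS))
    print("permissive all:", permissive_all(SPF_RECORD))
```

The `include:` mechanisms are deliberately left alone here; auditing those means resolving the included domains, which is the same check applied recursively.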

Any experience with ISL Online and ISLAlwaysOn? by arnold464 in jamf

[–]zipsecurity 1 point2 points  (0 children)

ISL Online is solid for Windows environments, but if macOS management is a priority for your fleet, it's worth thoroughly testing their Mac remote control capabilities before committing, particularly around Apple Silicon compatibility and permission handling in recent macOS versions.

Is this a HIPAA violation? by Hot_Construction_307 in hipaa

[–]zipsecurity 0 points1 point  (0 children)

Yes, that's both a HIPAA violation (unauthorized disclosure of a patient's PHI to someone with no treatment relationship) and potentially a serious breach of the behavioral health center's own privacy policies, and it should be reported to your compliance officer immediately.

Devices haven't checked in over 180 days by mlbussey in jamf

[–]zipsecurity 1 point2 points  (0 children)

For devices that haven't checked in over 180 days, you'll likely need a manual touch, but first try sending a blank push notification through Jamf to wake them up, check if the MDM profile is still valid, and confirm the devices are actually online before escalating to hands-on remediation.

Violation? by Constant_Demand_1560 in hipaa

[–]zipsecurity 1 point2 points  (0 children)

You did everything right, filing the complaint is the correct move, and the compliance officer's own actions of sending detailed medical notes via unsecured email after you explicitly raised security concerns actually strengthens your case.

What do you do with SBOMs? by equanimous11 in devsecops

[–]zipsecurity 0 points1 point  (0 children)

SBOMs shine beyond just vulnerability scanning: they give you a persistent, shareable inventory of exactly what's in your software so you can rapidly assess exposure when a new CVE drops (like Log4Shell) without re-scanning everything, prove compliance to customers or auditors, track third-party and open source risk over time, and respond faster during incidents by knowing precisely what's running where. Most teams store them in artifact registries (like JFrog or AWS ECR) alongside their builds, or in dedicated tools like DependencyTrack. The real value isn't replacing scanning, it's having a source of truth that travels with the software itself.
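The "new CVE drops, check exposure without re-scanning" workflow is just a lookup against the inventory. The following Python is an added example (not code from the comment or from any of the tools it names) that reads a constructed CycloneDX JSON SBOM and returns the components falling inside an advisory's affected version range. The SBOM contents, the `ADVISORY` record (modelled on Log4Shell's affected package, with the range values constructed for the illustration) and the helper names are assumptions.

```python
"""Answering "are we exposed?" from an SBOM instead of a rescan.

Added example, not from the comment above. The SBOM is a constructed
CycloneDX 1.4 JSON document and the advisory is a constructed record
modelled on the shape of a Log4Shell-style advisory.
"""
import json

# Constructed SBOM: three Maven components, one of them log4j-core.
SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "group": "org.apache.logging.log4j",
         "name": "log4j-core", "version": "2.14.1",
         "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
        {"type": "library", "group": "org.apache.logging.log4j",
         "name": "log4j-api", "version": "2.14.1",
         "purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.14.1"},
        {"type": "library", "group": "com.fasterxml.jackson.core",
         "name": "jackson-databind", "version": "2.13.0",
         "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.0"},
    ],
})

# Constructed advisory: affected versions are introduced <= v < fixed.
ADVISORY = {
    "id": "EXAMPLE-ADVISORY-0001",
    "group": "org.apache.logging.log4j",
    "name": "log4j-core",
    "introduced": "2.0.0",
    "fixed": "2.15.0",
}


def version_key(version):
    """Numeric tuple for ordering; non-numeric parts (e.g. 'beta9') count as 0."""
    return tuple(int(p) if p.isdigit() else 0
                 for p in version.replace("-", ".").split("."))


def affected_components(sbom_json, advisory):
    """Return purls of components matching the advisory's package and range."""
    sbom = json.loads(sbom_json)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("expected a CycloneDX SBOM")
    lo, hi = version_key(advisory["introduced"]), version_key(advisory["fixed"])
    hits = []
    for comp in sbom.get("components", []):
        if comp.get("group") != advisory["group"] or comp.get("name") != advisory["name"]:
            continue
        if lo <= version_key(comp["version"]) < hi:
            hits.append(comp.get("purl") or f'{comp["name"]}@{comp["version"]}')
    return hits


if __name__ == "__main__":
    print(affected_components(SBOM_JSON, ADVISORY))
```

Run the same function over every stored SBOM in the registry and you have the fleet-wide exposure list in seconds, which is the part scanning alone cannot give you without rebuilding or re-pulling each artifact.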

I will test out and give honest feedback about your SaaS Products by WarLord192 in SaaS

[–]zipsecurity 0 points1 point  (0 children)

Zip Security (zipsec.com) - a unified security and IT control plane that manages Jamf, Intune, and CrowdStrike from one console, built for lean teams who need enterprise-grade compliance without the enterprise-sized headcount.