Profile picture
Jake Williams
@MalwareJake
, 9 tweets, 2 min read Read on Twitter
Starting tomorrow, vendors will be competing for security $$ at one of the biggest events of the year. They'll make promises about efficacy. I'll give them the benefit of the doubt on their claims. But before saying "ooh, shiny, I NEED one of those" ask yourself some questions 1/
1. Do I really need this? Why? Let's assume it solves a problem. Is this a problem I have?
2. Am I buying a response capability when I don't have a corresponding detection capability? You won't be responding to 100% of what you don't detect... 2/
3. Are you buying *another* detection capability where you already have redundancy but lack a response capability? I've lived that. It sucks to say "we saw them (again) and watched while they moved laterally (again) and exfiltrated data faster than we could respond." 3/
4. Are you buying a detection capability that will only be triggered after other capabilities would have already detected the attacker? E.g. code injection detection is awesome. But code injection isn't magic. The attacker needs to be executing on the box first. 4/
5. Is this a VC funded startup? If so, what are the odds they sell out vs. going public? Because those are really the only two outcomes. If they sell out, all promises made about support, direction, etc. are off the table. 5/
6. Examine your recent incidents. If you haven't had any, talk to your ISAC or sharing group about theirs. Would the product have enabled earlier detection, faster response, or mitigated damage in those specific circumstances? If not, what's YOUR value proposition? 6/
7. Do you have the expertise in house to use the product to it's potential? The demo was awesome, but it was operating in a contrived environment and being driven by experts. Your results may (will) vary. Do you have budget for professional services too? 7/
8. Does your org have the political will to deploy the solution. This is a major fail point. Many orgs buy solutions they can't get deployed due to various logistical hurdles. I hate to see budget wasted on bitrot. 8/
I could go on all night, but I'm going to end here. Go attend all the vendor parties and collect all the awesome tee shirts (and donate them to the homeless/underprivileged), but don't get suckered into buying stuff you don't need/can't use. /FIN
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Jake Williams
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @MalwareJake see all

Profile picture
Jake Williams
@MalwareJake
Vegas is a cesspool. Keep your head on a swivel. Look out for each other. Never leave a drink out of your sight. Some men think this is only a problem for women. It is not.

Years ago (not at BH/DC) I was rufied at an industry security conference in Vegas. 1/
I stayed silent about this for years (getting drugged and robbed is pretty damn embarrassing after all). But last year, coming into #hackerSummerCamp I started talking about this publicly to educate others.

I was beyond lucky in my experience. It was a best case, worst case. 2/
I was at a bar in a casino lobby and got hit by a pair of women working together. They just looked like tourists. One of them sat down and drew me into a conversation. The other one (who I hadn't seen yet), swooped in and drugged my drink while my attention was elsewhere. 3/
Read 10 tweets
Profile picture
Jake Williams
@MalwareJake
Takeaways from #CapitalOne:
1. Having a disclosure program may have saved them. I'm FAR less likely to report to an org that lacks a disclosure policy.
press.capitalone.com/phoenix.zhtml?…
Read 7 tweets
Profile picture
Jake Williams
@MalwareJake
Please join me in congratulating @13M4C on his SANS Certified Instructor promotion. I've co-taught with a lot of other instructors over the years, but rarely have I seen someone with such subject matter expertise and the ability to communicate it clearly to students. 1/
I've known Brandon for years - he's my business partner and the @RenditionSec CEO. People regularly say "but you still really run the company, right?" Negative. BMAC has the helm. I'm there in an advisory role, but true to military chain of command, there is only one leader. 2/
Brandon was forced on SANS when I had a large SEC660 class and SANS couldn't find a TA. I said "I've got it covered." They said "but he hasn't taken SEC660 and he doesn't have the cert." I'm like "the dude runs my (our) company - he's solid." They relented and said okay. 3/
Read 6 tweets

Related threads

Profile picture
Darren Mooney
@Darren_Mooney
#NowWatching “X-Men.”

A film franchise with a complicated, but surprisingly important legacy.

Although there were obviously superhero films before, and films like “Blade” are often overlooked, “X-Men” is ground zero for the modern superhero boom.
Of course, it is, quite rightly, impossible to talk about the series without acknowledging that Bryan Singer is a well-documented sexual predator.

This informs the films’ legacy, although it seems under-discussed compared to the emergence of the MCU.

theatlantic.com/magazine/archi…
The cornerstone of the modern American popular landscape was laid by a serial sexual predator. Built to a blueprint he laid.

While it seems like the cultural mood has shifted on the “X-Men” films, it’s strange to me that this isn’t the catalyst.

theatlantic.com/entertainment/…
Read 218 tweets
Profile picture
Tracybeanz
@tracybeanz
1. THREAD: Many of you are familiar with the "List of 200". It is a listing of 200 accounts that some people who did a "study" said were either wittingly or unwittingly involved in some sort of disinformation campaign regarding election fraud. iwr.ai/voterfraud/ind…
2. This report was used in a broader article from Politico about foreign influence campaigns in social media, because the same company did both "studies". This article was tweeted by Hillary Clinton. . politico.com/story/2019/02/…
3. The group, Guardians.ai is stating that the 200 accounts they identified as part of a huge campaign to spread FakeNews about election fraud, is also participating in disinformation against 2020 dem presidential candidates.
Read 54 tweets
Profile picture
Tim Pool
@Timcast
1/ A Thread on racial violence and the media

First, I wish Maajid Nawaz a swift recovery and all the best.

We should absolutely condemn violence and racism in all its forms.

2/ I have tremendous respect for Maajid and have interviewed him in the past.

I want to make a few points as this relates to Jussie Smollett
3/ Smollett's story directly accused Trump supporters which I believe led to scrutiny of the story. It directly conflicted with a political faction and a sub category of that faction directly.
Read 11 tweets
Profile picture
Connor Ratliff
@connorratliff
Almost all of the Road Runner cartoons are available via the @BoomerangToons app.

I subscribed for $5 & decided I'm gonna watch & tweet about 'em all in chronological order, even the later, terrible ones, for which I have an irrational affection.

Here we go.
#BeepBeep
#MeepMeep
Boomerang lists them alphabetically not chronologically so Chuck Jones masterpieces sit side-by-side with 1960s atrocities (& later 'revival' attempts.)

I am going to start at the beginning. I will also be including Wile E. Coyote/Bugs Bunny & Ralph Wolf/Sam Sheepdog shorts, FYI
September 17, 1949: "Fast And Furry-ous"

Chuck Jones intended this short to be a parody of cat & mouse "chase" cartoons. Instead, he accidentally created the definitive chase cartoon series of all time.
Read 1189 tweets
Profile picture
Aaron
@TheGhostImpala
1-Wow. What a group. What a group. Thank you. Thank you very much. Thank you, folks. Thank you, folks. It's great to be right here in Florida, which we love.

In 26 days, we are going to win this great, great state and we are going to win the White House.
2-Our movement is about replacing a failed and corrupt — now, when I say "corrupt," I'm talking about totally corrupt — political establishment, with a new government controlled by you, the American people.
3-There is nothing the political establishment will not do — no lie that they won't tell, to hold their prestige and power at your expense. And that's what's been happening.
Read 150 tweets

Trending hashtags

#Fintech #BassTrial #17Black #NowWatching #ThoughtsAndPrayers #China #ISupportClarissa #ALLAmericaUnite #metoo #CovingtonCatholic #SorryNotSorry #law140 #Azerbaijan #MeepMeep #MAGA #MerryXmas #MeToo #Marr #CaptainMarvel #DaphneCaruanaGalizia #LoveTruthPeace #Malta #CleanUpTheMSM #PeacefullyRemove #Labour
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!