Zack Korman
CTO @ Pistachio. I build AI cybersecurity stuff.
Oct 13 23 tweets 4 min read
As promised, a thread about AI in cybersecurity. I want to explain how these systems work and why I think, despite the hype and the stupid sales people, there’s also something very real going on in this space. One caveat: I’m the CTO at Pistachio, so I’m obviously pretty biased. We have an AI insider threat detection product. But that also means I’ve worked very hands-on with these systems. Still, grain of salt and all that.
Sep 27 29 tweets 5 min read
Here’s a thread about how I approached getting ISO27001 certified at Pistachio, written for people who hate these things as much as I do. As @IceSolst says, ACAB includes auditors. Caveats, as usual: First, I’m a total amateur. I did this once and hopefully never again. Some days I actively try to forget some of what I learned. ISO27001 made me dumber. This is just about what worked for me. Second, my org is 70 people, so YMMV. Anyway, here we go:
Sep 21 21 tweets 4 min read
Microsoft allows you to authorize enterprise apps with permissions in your tenant, and sometimes those permissions are super broad. Here’s a guide for monitoring those apps and (sort of) setting tighter restrictions than permissions allow. Note, this doesn’t actually modify permissions. What it does is allow you to set which endpoints you expect the app to call, and auto-delete the app if it accesses something else. It’s not perfect, but it’s something.