Jesse D'Aguanno
@x30n.bsky.social
Hacker, Vuln Research, 2x winner DEF CON CTF, Founder & CEO Blackwing Intelligence, not a CISSP
Unfortunately, security properties address one piece of the overall goal, and are sometimes conflicting. So you have to first identify what _your_ goal is, in terms of security, and implement measures that apply to the properties that are important to that goal.
March 25, 2025 at 7:44 PM
Security isn’t binary. We need to somehow teach people to think in terms of simple threat models.
March 25, 2025 at 7:44 PM
Us: Use MFA for security
Everyone: OK, secure!
Us: Well, only if you’re not being phished, and no one can subvert the delivery mechanism, and …
Everyone: 🙄
March 25, 2025 at 7:44 PM
Wow, that’s high praise. Ordering
December 18, 2024 at 3:47 AM
Glad to see you’ve gotten on board the Binja train 🚂 😋
December 9, 2024 at 6:23 PM
There are some legacy security professionals that wear “I don’t code” as a badge of honor, but they’re dying out. Just like traditional system administration was replaced by devops.
November 5, 2023 at 9:55 PM
how to software, any day.
Although my background is in vulnerability research, this is not only applicable to finding vulns, appsec, etc. Security operations, network security, etc. automation is the future (current in mature orgs).
…
November 5, 2023 at 9:55 PM