Maya Kaczorowski
LightNews LightNews
mayakaczorowski.com
Maya Kaczorowski
@mayakaczorowski.com
600 followers 84 following 19 posts
I love puzzles almost as much as ice cream she/her
Posts Media Videos Starter Packs
Reposted by Maya Kaczorowski
wbm312.bsky.social
Whitney Merrill @wbm312.bsky.social · 24d
Oh look someone has ripped off most of my designs. They have also copied dozens of other sticker makers in the hacker community. I've reported them, but if they've stolen from you, you may want to report them too:

www.etsy.com/listing/4357...
www.etsy.com
5 5 18
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Sep 4
Wrote up some thoughts for how Okta is getting squeezed from all sides: squished by Rippling at the bottom, Msft at the top, and other markets and startups in the middle.
I hope you love some red string diagrams 🤣
ventureinsecurity.net/p/the-unbund...
The unbundling of Okta: are startups chipping away at Okta?
A guest post from Maya Kaczorowski who breaks down Okta’s competition and how Okta is not being unbundled, but rather squeezed from all sides.
ventureinsecurity.net
1 7 17
Reposted by Maya Kaczorowski
oblique.security
Oblique @oblique.security · Aug 26
Check out our cofounder @mayakaczorowski.com's post on @frankw.bsky.social's Frankly Speaking on how modern security teams are scaling.
Read the post for the new commandments of security teams: franklyspeaking.substack.com/p/the-new-co...
The New Commandments of Security Teams
Guest post by Maya Kaczorowski
franklyspeaking.substack.com
1 3
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jul 2
@wbm312.bsky.social and I's talk from BSidesSF is now online: www.youtube.com/watch?v=wiq2...
Play along to learn about incident response!
BSidesSF 2025 - Plays Incident Response (Maya Kaczorowski, Whitney Merrill)
YouTube video by Security BSides San Francisco
www.youtube.com
1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jun 23
What I've been up to the last few months: working on the untrendy but important problem of authorization in corporate environments. Check it out!
oblique.security Oblique @oblique.security · Jun 23
Identity management has quietly become the primary security perimeter. But it's a mess — identity requires constant manual work that security teams burn out from.

At Oblique, we're helping organizations make their access controls actually maintainable.

Full post: oblique.security/blog/identit...
Identity management is harder than it should be | Oblique
Identity management is surprisingly hard, as access controls change constantly, and getting them right requires context. We founded Oblique to work on impactful security problems.
oblique.security
1 4 26
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Apr 10
Yes! I find Subframe super easy to build and iterate on a reasonable prototype quickly. I also like that it’s relatively opinionated so what you’re building is consistent, not completely made up
1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Apr 10
“I’d rather eat something off Amazon than buy an SD card off Amazon”
2
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Mar 20
I dug into the FedRAMP marketplace data and see just why FedRAMP is so hot right now 🔥: while new authorizations haven't increased much, re-uses are skyrocketing.

Take a look at who is selling the most to government, and which agencies are buying: mayakaczorowski.com/blogs/fedramp
FedRAMP by the numbers
FedRAMP authorizations seem to have recently increased. Which providers benefit the most from FedRAMP, and who's buying? Let's look at the data.
mayakaczorowski.com
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jan 23
“Let's say you've got horsepower and bandwidth to burn, and just want to see these AI models burn. ... It's also sort of an art work, just me unleashing shear unadulterated rage at how things are going.”

love to see it

www.404media.co/developer-cr...
Developer Creates Infinite Maze That Traps AI Training Bots
"Nepenthes generates random links that always point back to itself - the crawler downloads those new links. Nepenthes happily just returns more and more lists of links pointing back to itself."
www.404media.co
1 71 200
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Dec 25
Dear Santa: please no more security dashboards this year. We've got enough tools telling us about problems and that don't work well together — how about some that help the security team scale?
My wishlist for better security tools from an imaginary CISO: mayakaczorowski.com/blogs/ciso-wishlist
Dear Santa, all I want for Christmas is better security tools
What CISOs want for Christmas are better security tools -- that solve problems rather than just finding them, work like modern developer tools, consolidate functionality, cover complex environments, a...
mayakaczorowski.com
1 6
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Dec 12
Zero trust: everyone (was) talking about it, but how far did we get? From inventory basics to the long tail of unsolved challenges, here's a realistic look at where you are in your zero trust journey, from a talk @ericchiang.bsky.social and I gave in 2022 😅 mayakaczorowski.com/blogs/road-t...
The road to zero trust is paved with good intentions
Where is your organization really in your zero trust journey, and how much further do you have to do? Implementing a true zero trust architecture is more aspirational than achievable.
mayakaczorowski.com
3 5
Reposted by Maya Kaczorowski
ericchiang.bsky.social
Eric Chiang @ericchiang.bsky.social · Dec 12
@mayakaczorowski.com and I are publishing the write up of our 2022 NorthSec talk on the hard parts of zero trust. Which made me wonder, how's that US executive memorandum requiring agencies to adopt ZTA by 2024?

ericchiang.github.io/post/zero-tr...
Eric Chiang | The road to zero trust is paved with good intentions
ericchiang.github.io
1 1 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Dec 10
What keeps security leaders up at night? I interviewed 57 CISOs and security leaders to find out. The answers were surprisingly consistent: access management challenges, vulnerability management complexity, and limited SaaS visibility. Read the post: mayakaczorowski.com/blogs/what-s...
What sucks in security? Research findings from 50+ security leaders
I interviewed 57 security leaders and asked them "What sucks in security?" Their top pain points were inconsistent access management, vulnerability prioritization and remediation, and obtaining SaaS l...
mayakaczorowski.com
2 16 31
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jul 27
him: "you have so many passwords in data dumps"
me: "wait is my neopets password in there? I want to play but if says i don't have an account"
3
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jun 9
(It’s been just over a month 🤷‍♀️)
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · Jun 9
I haven’t used the United app in so long I need to redownload it 😅
2 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 22
“I don’t know why, I just know champagne”
1 2
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 17
I can’t find where my paper towel is supposed to go
1 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 17
“Chapter 10: higher education”
1 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 17
I’m in a fancy restaurant in Palo Alto and there’s an audiobook playing in the bathroom
1 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 10
@twitchyliquid64.bsky.social hello hi
1 1
mayakaczorowski.com
Maya Kaczorowski @mayakaczorowski.com · May 8
i’m too old for this
1 12