Matthias
grambulf.bsky.social
InfoSec & shitposting
English & German

Also https://infosec.exchange/@grambulf
Reposted by Matthias
🎉🥳My latest whitepaper has been nearly a year in the making and it’s finally out! 🎉🥳

A huge thanks to the many friends and colleagues that participated in the review process.

www.vectra.ai/resources/co...

#gcp #aws #msft #NHI #cloudsecurity #multicloud
Comparing CSP-Managed Machine Identities
Comparing AWS, Google Cloud, and Microsoft CSP-managed machine identities, risks, and security responsibilities.
www.vectra.ai
September 11, 2025 at 8:03 PM
Reposted by Matthias
return to office
September 9, 2025 at 6:13 PM
Reposted by Matthias
Certificate Transparency is meant for browsers and website owners.

However, I estimate a majority of clients is only interested in discovering domain names. I am proposing an optional, less secure, 20x more efficient API for those clients.

With this, a CT log can probably operate with < 1 Gbps.
The names tiles Static CT API extension
Certificate Transparency Policy
groups.google.com
August 4, 2025 at 11:29 AM
Reposted by Matthias
I'll be testifying tomorrow at 10am before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection about Stuxnet and critical infrastructure security. Also on panel will be Rob Lee (Dragos), Tatyana Bolton, and Nate Gleason
Fully Operational: Stuxnet 15 Years Later and the Evolution of Cyber Threats to Critical Infrastructure. – Committee on Homeland Security
homeland.house.gov
July 21, 2025 at 5:27 PM
Reposted by Matthias
When I was little, the U.S. military came to our home at gunpoint and took me and my family away. We were imprisoned for years in barbed wire camps simply because we were Japanese American. I have spent my life telling that story, hoping it would never be repeated.
July 21, 2025 at 5:20 PM
Reposted by Matthias
An out-of-schedule update to my quantum landscape chart: sam-jaques.appspot.com/quantum_land..., prompted by @craiggidney.bsky.social's new paper: arxiv.org/abs/2505.15917.

A startling jump (20x) in how easy quantum factoring can be!

Also: much improved web design!
June 19, 2025 at 6:52 PM
Reposted by Matthias
It’s a good thing Congress isn’t alive to see this
June 22, 2025 at 12:47 AM
Reposted by Matthias
Bluesky is not twitter because we block losers before we even see their sad attention seeking. Think of it as vaccinating your account. Here’s an example:

1. Go to @skywatch.blue
2. Tap Lists and scroll down to MAGA
3. Tap subscribe & then block accounts.
4. All the magas now rot on the vine
June 19, 2025 at 1:47 AM
Reposted by Matthias
New blog: I’ll admit, this one’s a bit of a ramble, mostly because I care a lot about how we give feedback, how we receive it, and why it so often feels like an attack (even when it isn’t).

TL;DR: Feedback is care, when it’s done with intention.

ashley.dev/posts/feedba...
Ashley Willis
TL;DR This one’s a bit of a ramble because I care a lot about this topic. So here’s the TL;DR for anyone who doesn’t have the energy (or executive function) to ...
ashley.dev
June 17, 2025 at 12:54 AM
Reposted by Matthias
Whoever this “Jenkins” bastard is, they have access to everything! Begin the incident response immediately.
Do you have an S3 bucket or DDB table with your company's crown jewels? 👑💎 Now IAM Access Analyzer tells you all the users and roles in your organization that have access to them gems. 🧵 (1/8)
June 17, 2025 at 2:49 PM
Reposted by Matthias
CUT MY LIST IN TWO PIECES

THAT’S HOW YOU START QUICKSORT
May 31, 2025 at 2:21 AM
Reposted by Matthias
My talk, 'Security Champion Worst Practices', from @ndc_conferences, is now available on YouTube!

https://twp.ai/9PRKFn
May 25, 2025 at 8:48 PM
Reposted by Matthias
The event went smoothly despite the storms; there was a minor power outage. The youth had a great time and the free photo booth was a hit. I see why my friend does this and I hope to join him again.

We're still fundraising for the organizers (not ourselves; so far only we have donated) here:
May 17, 2025 at 1:47 PM
Reposted by Matthias
Another one in the books! Kubernetes v1.33: Octarine is live. Congratulations to the release team!

kubernetes.io/blog/2025/04...
Kubernetes v1.33: Octarine
Editors: Agustina Barbetta, Aakanksha Bhende, Udi Hofesh, Ryota Sawada, Sneha Yadav Similar to previous releases, the release of Kubernetes v1.33 introduces new stable, beta, and alpha features. The c...
kubernetes.io
April 23, 2025 at 6:51 PM
Reposted by Matthias
I’m launching SVE next week: Sean’s Vulnerability Emotes. SVEs will be rated on a scale of 🤨😕☹️😰😱💀☠️
April 15, 2025 at 9:57 PM
Reposted by Matthias
Nginx doesn't actually load balance; it simply convinces backend servers they're handling less traffic through subtle psychological manipulation.
April 2, 2025 at 11:55 AM
Reposted by Matthias
Truest meme I've seen in a long time
March 29, 2025 at 7:14 PM
Reposted by Matthias
Use Signal; use Tor.

Wait, not like that.
March 24, 2025 at 6:14 PM
Reposted by Matthias
Did you know Mortal Kombat is based off of Scandinavian Folklore?

It's a Finnish Hymn.
March 11, 2025 at 6:19 PM
Reposted by Matthias
No matter what the US does, the rest of the world is going to spend the next twenty years dismantling US power and influence because we are too dangerous and unreliable to maintain it.
March 9, 2025 at 6:24 AM
Reposted by Matthias
It's international women's day and that means it's the day I self-promote! I've written a few good books including my most recent on Platform Engineering, check them out here!
amzn.to/3QYGaoB
Camille Fournier: books, biography, latest update
Follow Camille Fournier and explore their bibliography from Amazon's Camille Fournier Author Page.
amzn.to
March 8, 2025 at 7:05 PM