vpz6d ago
Taggart 

Threat intel and Cybersecurity research firms: if you're not providing RSS feeds to your blog, you're hurting your brand.

Whatever traffic you think you're driving to the site by preventing analysts from ingesting feeds is outweighed by the reputational damage of not providing a service we expect and rely on.

And if your reason is because it's hard behind Cloudflare, well, you're telling on yourself twice.

May 27 at 6:30pmWeb
Show threadDave Wilburn 6d ago

@mttaggart

Unfortunately, they know that the analysts/users aren't the ones writing the checks.

See also: the reason why business IT software is so universally awful.

Show threadTaggart 6d ago
@DaveMWilburn Maybe not but it's an easy fix and it prevents potshots like this. You cannot tell me there's a real business case for not doing it. Almost universally it's because of lazy usage of a CMS and/or CDNs.
Show threadDave Wilburn 6d ago
@mttaggart đź’Ż
Show threadChilly  đź›ˇď¸Ź  6d ago
@mttaggart
Prreeaacchh
Show threadsoup6d ago
@chillybot @mttaggart honestly with just the sheer volume of cyber security companies and with new ones popping up every single day, if it doesn’t make it into my feed aggregator I will literally forget it exists.
Show threadElric6d ago
@mttaggart RSS is hard behind Cloudflare? Yet another reason to stay away from those cunts.
Show threadTaggart 6d ago
@elricofmelnibone Basically if you're turning on anti-bot protections, you kill RSS feed collectors.
Show threadElric6d ago

@mttaggart But why? Rate limiting is a thing that exists, they could easily apply that to RSS feeds instead of the wholesale bot "protection" garbage they've got going on.

Yay centralisation. Sigh.

Show threadRastal6d ago

@mttaggart Also please always give the option for full RSS feeds not Atom feeds. Rarely, do I want to read only a couple of lines.

#rss

Show threadReid 6d ago
@mttaggart > And if your reason is because it's hard behind Cloudflare, well, you're telling on yourself twice.

my brain is hurting trying to understand how Cloudflare would even affect one's ability to have an RSS feed. (is it the access to the linked pages by the reader? can't think of anything else)
Show threadTaggart 6d ago
@reiddragon It's the bot protection and JavaScript-based verification.
Show threadReid 6d ago
@mttaggart yeah, thinking about it some more, i can see how that would mess up RSS readers
Show threadDan (he/him) 5d ago
@mttaggart @briankrebs Not to mention the companies that put them behind paywalls. If you make it hard to scrape your security advisories you are doing the entire internet - yourselves included - a huge disservice.
Show threadB'ad Samurai 5d ago

@mttaggart this week alone I have found two organization’s blogs I rather like, but no RSS.

I don’t want to band-aid it with a website watching service, so maybe I’ll just ping them and hope they don’t immediately schedule me for a sales call.

Show threadTaggart 5d ago
@badsamurai I did this over LinkedIn with a couple unnamed firms. In one case, this resulted in a RSS feed! However, that decision has since been reversed.
Show threadShecky - Third Wheel5d ago
@mttaggart but, but but, we need to monitize it, or promote our tools with the blog. we cannot just give it away. That is well.. too nice and then the bad guys can ingest our info also.
Show threadTaggart 5d ago
@siliconshecky I firmly believe that the goodwill engendered by an RSS feed has a higher conversion rate than forcing people to visit your godawful, popup-ridden website.
Show threadShecky - Third Wheel5d ago
@mttaggart Agreed, but the Corpos don't believe that.
Show threadTaggart 5d ago
@siliconshecky I actually don't know that this is a conscious executive decision in most cases. I think it's a lot more about modern CMSes and CDN configuration leading to RSS feeds being more trouble than they (seem) worth. So the site maintainers don't bother.