Ali-Al

@[email protected]
17 Followers
47 Following
15 Posts
Infosec, baking, lockpicking, Pathfinding, pranking mom
Ali-AlApr 27, 2023

@ktneely Automating on "garbage" introduces a ton of risk - you have to assume you're getting all the data and have perfect visibility before talking automation and 99% of orgs don't have that. They think they do, but they don't.

If you're automating alert responses, tune the alerts. If nobody's looking at it, why generate an alert? If you're automating information gathering, ask why your tools aren't giving you a whole picture and fix it. Automation *could* work in a static environment, but what org is ever static? If people have to constantly revise the automations, why not just do the work to begin with?

IR is not the place for automation bc you're 100% guaranteed to eventually miss something that will get you popped. Nobody wants to be on the hook for that but really, will insurance pay out on a breach that happened because automation obfuscated the attack before a human caught it? How many times will they do that before they start refusing?

This terrifies me because it's indicative that people are forging ahead with "automate ALL THE THINGS" without considering the risk generated by it, and implying that it frees up their humans for more interesting things when in reality it creates a new layer of labor around maintaining the automations. Worse yet, it creates a false sense of complete protection thinking automation catches more than humans do, which is pure vendor-speak and not true at all.

TL:DR - automation on bad datasets is a recipe for disaster, just fix your s**t and you don't need it.

Ali-AlApr 26, 2023
@ktneely These responses are terrifying to me.
Ali-AlMar 29, 2023
If corporations are people, does that mean they're generally the product of same-sex relationships?
Ali-AlJan 6, 2023
@varx @SwiftOnSecurity Really if we could just get a frame that's big enough to fit all the boxes in it, that would cover the daily roller coaster (in my world anyway lol)
Show threadAli-AlJan 5, 2023
@SwiftOnSecurity Don't most SIEMs have a built-in system for dropping raw logs that are similar enough to an initial one? Just keep the timestamps if the content never changes so you know how many came in and when, problem solved?
Ali-AlDec 15, 2022
@da_667 This calls for TWENTY cloves of garlic, I'm afraid to make it https://cooking.nytimes.com/recipes/1023012-san-francisco-style-vietnamese-american-garlic-noodles
San Francisco-Style Vietnamese American Garlic Noodles Recipe (Gift Recipe)

These noodles, adapted from the cookbook "The Wok" by J. Kenji López-Alt, and based on the noodle dish originally created and served by Helene An at San Francisco’s Thanh Long restaurant, are extraordinarily simple and delicious on their own, but that doesn’t mean you can’t fancy them up a bit. They go very well with seafood, and some raw, shell-​on shrimp stir-​fried along with the garlic right from the start would be an excellent addition. You could also add a few spoonfuls of tarako or mentaiko — ​Japanese salted pollock roe. Sushi-​style flying fish roe (tobiko) or salmon roe (ikura) would also be a great addition, as would chunks of crab or lobster meat, or even Western-​style caviar (if you’re feeling flush).

NYT Cooking
Ali-AlDec 7, 2022
#InfosecJobAffirmations - I have a ton of these and will post them randomly
Show threadAli-AlNov 14, 2022
@C0redump Hai! 
Ali-AlNov 14, 2022
I'm excited that my first post on here is about #HackerSecretSanta2022 <3 I can't wait for this year's victim - err, recipient!!