Showing posts from 2021

Talk on engineering productivity, metrics, and morale

You will find below my talk (sponsored by a non-profit in Singapore) on engineering productivity, metrics, and morale. The questions were awesome. 😎

Security Shouldn't be a Secret. Why Transparency Matters

Two discussions on this topic are below.

Interview with Security Weekly podcast

Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security.

In this interview, we will be talking about how transparency practices can lead to improved security. With transparency being one of our core values at GitLab, we will talk about the processes we have implemented to maintain our security stance while operating with the highest possible public transparency and how you can apply them to your enterprise to achieve increased security and transparency.

Recording:

ISSA webinar

Security can

Nice to see this patent application I worked on with a peer published by the USPTO

Systems and Methods for Distributed Extended Common Vulnerabilities and Exposures Data Management

Abstract

In one aspect, the present disclosure is directed to systems and methods for validating and securely storing security entry updates. The security entry update is received from a contributor, and broadcast to a plurality of computing nodes. It then is determined whether to validate the received security update at each computing node of the plurality of computing nodes. If the received security entry update is validated, information relating to the received security update is added as transaction information in a current block, the current block is included in a blockchain that is stored in a datastore of each computing

Kali Linux moves to GitLab

I am thrilled to see the article on Kali moving to GitLab finally published. It was great to collaborate with the folks from Kali as I have been a fan of it for years!

How GitLab helped Kali Linux attract a growing number of community contributions

Since moving to GitLab in 2019, Kali Linux has gone from company-only contributions to a growing number of community contributions. Kali Linux is a well-loved Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. We sat down with Ben Wilson (@g0tmi1k), senior developer at Kali, to hear more about why Kali Linux moved to GitLab and see if they've noticed any changes to their project since adopting GitLab as their DevOps solution. ...

Full blog here:

The psychology of influence and hacking growth

I finished two books recently on the related topics of hacking growth and the psychology of influence. My notes and excerpts are below. They surely do not do the books justice as the books include essential details and great stories about these concepts in action. They also discuss how to influence others (with good intentions or bad intentions). The influence book also includes recognizing when someone is attempting to influence you and how to react accordingly.

Influence: The Psychology of Persuasion

I highly recommend this book for everyone who wants to influence others or detect when someone is attempting to manipulate them.

Influence patterns

The primary influencing patterns are:

     •    Reciprocation
     •    Commitment & consistency
     •    Social proof
     •    Liking
     •    Authority
     •    Scarcity

Reciprocation

The reciprocation rule says that we should try to repay, in kind, what another person has provided us. Moocher and welsher are unsavory labels to