Clint Gibler

@clintgibler

Technical Director / Research Director . 💙 and automated bug finding. BSidesLV/AppSec Cali/DevSecCon/CactusCon/Shellcon review board

San Francisco, CA
Joined: July 2012.

Tweets

  1. Pinned Tweet
    Jan 16

    I watched all 44 2019 talks (~32 hours of video) and wrote detailed summaries for you 📚 Learn about , scaling security, threat modeling, building a security program, & more.

  2. Retweeted

    The largest external risk to American democracy is an attack that combines a technical assault against our widely distributed and poorly secured election infrastructure with disinformation that American partisans will happily amplify.

  3. 18 hours ago

    tl;dr sec has over 1,000 subscribers! 📈🚀😱 Thank you for taking the time to read it, and I really appreciate all the kind words people have said 🙏 If you're not currently a subscriber & want to see what the fuss is about, you can check it out here:

  4. Retweeted
    Jan 31

    Last week I saw 's talk from Appsec Cali, which was a "best of" analysis of 50+ Appsec Cali / USA talks. This week I gave my team a "best of" version of Clint's talk because I couldn't wait for them to see the recording. Super meta, right?

  5. Retweeted
  6. Jan 30

    If you found this write up useful, check out tl;dr sec, a weekly-ish newsletter I send out with: 📚 Summaries of great security talks 🛠️ The latest tools and useful blog posts 🧪 My various research projects Thanks for reading, have a great day! 😎

  7. Jan 30

    Loved the discussion of automatically determining ownership (asset inventory ftw!) and auto-prompting resource owners via a Slack bot to confirm they caused certain events. This is a great way to scale security engineer time 🤘

  8. Jan 30

    📚 tl;dr sec 22 * slides from , tool by * & on decrypting WhatsApp messages * on Kubernetes security monitoring @ scale using

  9. Retweeted

    Woot! So and I have put our heart and soul into this course and are putting on a special edition just for Black Hat USA and I cannot wait!

  10. Retweeted

    the memetic campaigns aren't by accident. it's all targeted, all the result of long-running experiments that we've missed. it's all to redesign propaganda campaigns for the digital modern age. the big point here is immersiveness; flooding the arena with the content.

  11. Retweeted
    Jan 29

    Nice thread from Clint with many references on how to scale security. Thanks for the Netflix shoutouts!

  12. Retweeted
    Jan 29

    This is a great talk about how to do security in a modern software engineering environment:

  13. Retweeted
    Jan 29

    Just reviewed these awesome slides (and will have to watch the recording when it comes out).

  14. Retweeted
    Jan 29

    This deck is absolute gold. You'll laugh, you'll cry, you'll see projects you succeeded at, projects you failed at, and you'll be inspired. Enjoy!!

  15. Retweeted
    Jan 28

    I know it's early, but this is my vote for talk of the year. This is a tremendous effort by Clint, and is stellar work. So many threads to follow/learn, so much help for security teams. I wish I had this years ago - I had to learn many of these lessons through trial/error.

  16. Jan 28

    If you liked this thread, check out tl;dr sec, a weekly-ish newsletter I send out with: 📚 Summaries of great security talks 🛠️ The latest tools and useful blog posts 🧪 My various research projects Thanks for reading, have a great day! 😎

  17. Jan 28

    Phew, that was a lot, but you made it!

  18. Jan 28

    🗓️ Security Endgame Start taking on more ambitious, higher leveraged projects. * Become more highly leveraged with your time (Targeting Vuln Classes) * Invest in projects w/ high security ROI & minimal ongoing time reqs (automating least priv, invariants, quantify risk)

  19. Jan 28

    📈 Scaling Your Efforts Based on historical vuln data + your org's risk factors, choose a project that can be completed in 1-3 months that provides some scalable wins. (TMing, security engineering, continuous compliance, detection & Response)

  20. Jan 28

    🛃 Asset Inventory Now * Programmatically capture relevant meta info about your cloud env & code Future * Get visibility into additional types of assets (employees, devices, etc.) * Automatically alert on or block suspect changes

  21. Jan 28

    🔍 Continuous Scanning Now * Be able to scan every: PR, code base, deployed service * Decide on baseline of types of vulns, anti patterns, & missing security controls to scan for Future * Check for lack of secure wrapper libraries & controls * Target add'l bug classes

