Implementing security policy is not easy. It's difficult from a technical perspective, sure, but convincing others in your company that the changes are necessary can be just as much of a challenge. Doubly so if you can't convince leadership.

The story of Twitter's current security woes is a great example.

The Peiter Zatko (aka "Mudge") vs Twitter situation has gotten very public. Mudge released a very long (84 pages) document that details what he says is a longstanding pattern of indifference to security. Here are the technical details of the alleged security failures.

NOTE: mDAU-free analysis. You're welcome.

The long-debated QUIC protocol is getting serious attention these days. It has been in development since 2012, but is all the rage now because HTTP/3 (the main reason QUIC was designed in the first place) is now an official standard.

What is it, then, and what might it mean for security? Let's find out.

The 14th Cloud Field Day event put on by Gestalt IT was held last month in San Jose, California. 7 companies presented, with a lot of emphasis on multi-cloud.

Read on to learn a little more about the event.

Haven't written anything in a while- but this time I have a pandemic-based excuse. I had Covid.
I didn't like it. Didn't love it. I don't want no moorrrrrre of it.

So, after much rending of garments and gnashing of teeth (e.g., complaining), I passed the CISSP.
Let's talk about that.

GitHub Copilot is a GPT-3 based AI tool that helps programmers write code faster. It definitely has value, but it comes with legitimate caveats that programmers and IT managers alike need to take into consideration before relying on it.