Patrick Thomas (@[email protected])
@coffeetocode
Software engineer to security consultant, now security partner at @Netflix. Infosec pragmatist.
"Penetration Test" is a crazy overloaded term. Important to start w/ discussion of goals and tradeoffs between testers and client team.
Thanks for the #BSidesSF Semgrep workshop @enncoded @LewisArdern @onefiftyman . You packed a *ton* into 2 hours. Really appreciate the work that went into it.
What can we say, twitter-driven development sometimes works :) netflix.com/.well-known/se… Y'all are good folks. Keep it going!
Of the ~950 people I follow on twitter, some hacky profile scraping says that about 60 of those currently have a Mastodon link. So for me that's basically from ~0% to 15% exodus (or at least strongly hedging) in a *week*.
Hah, this makes me feel so much better about my small pile of aborted "I think I should write something about..." drafts.
Know how many blog posts I start writing but never finish? *HEAPS*! Sometimes the story just doesn't work out as expected, sometimes I calm down and change my mind, other times... I'm a busy guy 🤷‍♂️ Are there any here I really should finish?
I don’t think there’s a SOC2 rule against banking 50 pre-approved empty PRs for future use.
Chrome was delivered without any sprints at all. The team came in at 9 and left at 5 (figuratively, people actually kept their own ~8h schedules) every workday for a couple years like clockwork. No drama. No broken marriages, no broken families.
Sadly, there were divorces and broken families and bad things that came out of that. But I also learned that even at a 20,000-person company, you can get a team of 100 people to work like their lives depend on it.
Congrats to @Resourcely! Clear, exciting product vision at that critical touchpoint of developer velocity, security, and cloud resources. Very pleased to have joined this round, and looking forward to seeing where @travismcpeak and @0xshellrider take this idea.
Hello world! We're on a mission to make cloud security easier for users. See our funding announcement (techcrunch.com/2022/07/26/res…) and blog post (resourcely.io/post/introduci…) for more details. We're #Hiring!
Strong recommend for anyone thinking about sustainability, culture, and ultimately the humans in a security organization. @astha_singhal knows what she's talking about and delivers it so well. 🙌
This year I got the amazing opportunity to deliver the keynote at one of my favorite security conferences, @BSidesSF. You can now check out my talk on "Building Sustainable Security Programs" here: youtube.com/watch?v=-hWp_C…
Web timing attacks: super cool in principle, still super janky in practice. Seems like TimeTrial (github.com/dmayer/time_tr…) and Nanown (code.blindspotsecurity.com/trac/nanown/) still best tools, but really janky to get running & require a known-good case. Anyone got suggestions? Banging my head.
Strong recommend. Some great examples that improve both risk and user experience, and also give metrics that make the wins feel real.
@workingrach and my @BSidesSF preso is uploaded to Youtube! youtube.com/watch?v=Ru9i7N…
BSidesSF 2022 - An Unlikely Friendship: Why Security Engineers ......
Brilliant talk from @coffeetocode on bonding security to developer productivity.
Slides from my #LocoMocoSec talk on "Productizing Security" docs.google.com/presentation/d…
When it literally rains on your parade at @LocoMocoSec with @ropnop @SammyHep @ndm @h4ck3rky13 and @coffeetocode #stillHavingFun
Woo! @LocoMocoSec has been on my list since it started; I'm finally here and so excited! Looking forward to meeting folks. Just hanging out today/tomorrow if anyone else in early wants to meet up!
Aloha @LocoMocoSec 😎 so excited to be here - have wanted to attend this con for a long time! Really looking forward to learning a lot, talking prodsec and meeting new friends. Anyone else gonna be here? And can’t wait to catch up @coffeetocode been too long!
Woot! Let's do this! I'm really looking forward to sharing this.
Patrick Thomas, Senior Security Partner @netflix, is speaking @LocoMocoSec next week! Register now to see his talk 'Productizing Security For Leverage and Scale' on June 30th🤙 ⛵ Waikīkī Marriott Resort 🏝️ O'ahu, Hawai'i ☀️ June 27-30th 🌟 @coffeetocode