Open Session Summaries
25/01/31 Open Session Summary
The meeting involved a diverse group of professionals discussing their experiences and interests in cloud security, with a focus on the potential impact of AI on their work and the future of technology. They discussed the potential benefits and risks of AI in enhancing security and development practices, as well as its potential to change the way they work and the skills required for their roles. The team also expressed concerns about the environmental impact of AI and the need for caution in its use, with a focus on understanding AI security and the potential for AI to become sentient.
25/01/24 Open Session Summary
The team discussed the potential implications of the current administration's actions on cybersecurity and election integrity, with a focus on the potential effects on CISA and NVD. The conversation ended with discussions on open source software, its benefits and challenges, and the potential for monetizing it through services and products built on top of it.
24/11/22 Open Session Summary
The team discussed various topics including acquisitions and mergers in the cybersecurity sector, the challenges of integrating new technologies into existing systems, and the potential impact of acquisitions on customers. They also explored the current market activity, the role of ego and culture clashes in acquisitions, and the shift towards a more comprehensive approach in the industry. Lastly, they discussed the recent claim about Chinese researchers cracking 50-bit RSA encryption using a quantum computer and the importance of understanding threat models in security issues.
24/11/08 Open Session Summary
The meeting began with introductions and discussions about the revamped website and the importance of networking within the group. The team also shared their experiences and challenges in the field of cloud security, with a focus on the importance of finding a balance between fulfilling work and financial stability. The conversation concluded with reflections on the importance of learning from others' mistakes, understanding one's interests and strengths, and the need for growth and finding new ways to communicate one's achievements.
24/11/01 Open Session Summary
The team discussed various security issues, including Chinese groups targeting firewalls, the high number of known exploited vulnerabilities in Microsoft, and the use of remote desktop protocol for spear phishing campaigns. They also discussed the importance of evaluating container security, handling security alerts from third-party vendors, and navigating disagreements between engineering and security teams. Lastly, they emphasized the importance of partnership, collaboration, and proper documentation in resolving security issues.
24/10/25 Open Session Summary
The team discussed the challenges and differences between on-premises and cloud-based systems, with a focus on security and infrastructure, and the importance of building resilient architectures. They also shared their personal experiences and career paths, emphasizing the importance of networking, preparation, and a global approach in their field. Lastly, they discussed various projects and technologies, including chaos engineering, graph databases, and cloud security, and the importance of security and privacy in their work.
24/10/18 Open Session Summary
The team discussed the evolution of application development, the benefits and challenges of using containers, and the differences between running containers on AWS using ECS and EKS. They also explored the concept of abstraction in computing, the importance of understanding the underlying layers of abstraction, and the role of code for resource orchestration. The conversation ended with a light-hearted discussion about Microsoft's logging issues and introductions from new attendees.
24/09/27 Open Session Summary
The team discussed the potential of AI to enhance work capabilities and the risks associated with it, including the potential for AI to replace certain jobs. They also discussed a recent vulnerability and the development of a new vulnerability management model, SSB, which uses machine learning to assess the likelihood of exploitation. Lastly, they discussed the shift in security as companies move into cloud security, emphasizing the need for security teams to collaborate more closely.
24/08/30 Open Session Summary
The team discussed the challenges and potential solutions in managing Multi-Factor Authentication (MFA) for shared accounts, with a focus on the use of FIDO keys and the protection of SIM cards. They also explored the evolving roles in application and infrastructure security, emphasizing the importance of breaking down silos and integrating security tools into products. Lastly, they shared their experiences and insights on professional services, stressing the importance of honesty, authenticity, and understanding client needs.
24/08/23 Open Session Summary
The team discussed the challenges and benefits of their children's schooling in Singapore, sales kickoff events, and issues with neighborly dumpster use. They also shared personal experiences and insights on the impact of extensive work-related travel on personal life, the transition from Microsoft to Orca, and the pros and cons of careers involving travel. Lastly, they discussed strategies for career development, the scale of the tech industry, and the transition of Cisco to a cybersecurity company, with a focus on networking and utilizing personal strengths.
24/08/09 Open Session Summary
The team discussed recent vulnerabilities in AWS, the need for improved security policies, and strategies to limit cloud storage sprawl. They also explored the challenges and evolving strategies in cloud detection and response, the potential use of automated forensics, and the integration of AI into infrastructure. Lastly, they delved into the recent issues with Boeing, the potential of low code/no code automation platforms, and shared personal experiences and plans.
24/07/26 Open Session Summary
The team discussed the ongoing issues with the Crowdstrike incident, the impact of outdated systems on ATM performance, and the challenges of dealing with nation state actors' malware. They also explored potential solutions, including the creation of a new boot key and the use of secure coding practices. Lastly, they examined a security incident at No Before and the importance of thorough vetting processes, as well as the benefits and challenges of IPV6.
24/07/19 Open Session Summary
The team from Equinix discussed recent infrastructure outages, the potential impact on the company's reputation, and the trend of customers preferring to rent server space. They also explored the potential of AI in container configuration, the implications of a global outage, and the impact of system outages on the health industry and the stock market. Lastly, they discussed the recent challenges faced by Crowdstrike, the potential implications of Google's proposed acquisition of Palo Alto, and the concept of co-opetition.