Olivia
Online
Patrick Thomas (@[email protected])
@coffeetocode
Software engineer to security consultant, now security partner at @Netflix. Infosec pragmatist.
SF Bay Area
Joined February 2010
886 Following
1.9K Followers
2.7K Posts
Pinned Tweet
"Penetration Test" is a crazy overloaded term. Important to start w/ discussion of goals and tradeoffs between testers and client team.
Thanks for the #BSidesSF Semgrep workshop @enncoded @LewisArdern @onefiftyman . You packed a *ton* into 2 hours. Really appreciate the work that went into it.
@bsysop @Bugcrowd @ArmanSameer95 @GodfatherOrwa @mzamat123 Congrats man, that's fantastic. Always a pleasure to see you on the other side of the submissions!
@kb_awholevibe Thanks for the interest! LocoMocoSec talks aren't recorded, but here's the deck: https://t.co/Z3IsIvD5gg
Who to follow
Enno Rey
@Enno_Insinuator
Old-school network security person. Founded https://t.co/jnQuHO036k & @WEareTROOPERS.
Occasionally blogging at https://t.co/67lpbmCajA
Jim Manico from Manicode Security 
@manicode
AI and AppSec Educator. Secure coding system prompts. https://t.co/gbW3ZLhURT
Jeff Jarmoc 🐉🔥
@jjarmoc
Yet another security guy tweeting about security stuff. I speak only on my own behalf.
Woot! Let's do this! I'm really looking forward to sharing this.
Patrick Thomas, Senior Security Partner @netflix, is speaking @LocoMocoSec next week!
Register now to see his talk 'Productizing Security For Leverage and Scale' on June 30th🤙
⛵ Waikīkī Marriott Resort
🏝️ O'ahu, Hawai'i
☀️ June 27-30th
🌟 @coffeetocode
What can we say, twitter-driven development sometimes works :)
https://t.co/W12RcGwa75
Ya'll are good folks. Keep it going!
Expanded a bit on this over at https://t.co/cNqz0Kf32j
I love formal forecasting exercises (esp those run by @Magoo) because they really force you to slow down consider all the potentially relevant facts, and introspect your biases. FWIW I was 80% here, but I think I was undervaluing the "autopilot" nature of modern CI/CD.
That's what myself and 26 others sought to gather over the weekend. The panel we put together forecasted a 72.8% belief it would happen. Here's the spread of forecasts
https://t.co/fS70r6WCNf
@leifdreizler I wonder too, but I promised myself I wouldn't spend that much time on it 🙃
Of the ~950 people I follow on twitter, some hacky profile scraping says that about 60 of those currently have a Mastodon link. So for me that's basically from ~0% to 15% exodus (or at least strongly hedging) in a *week*.
@clintgibler @csima @DanielMiessler @shehackspurple @RachelTobac @evantobac @Jhaddix @lancinimarco @hashishrajan @securibee @QuinnyPig @ollieatnccgroup @_JohnHammond @mikepsecuritee @hakluke @antitree @ramimacisabird @0xdabbad00 @bubblewire @HelloArbit @barschachner @zanelackey @bryansolari @LewisArdern @astha_singhal @manicode @dcuthbert @0xine @__muscles @txs Congrats Clint! You're such an amazing example of everything that's great about this community. Know that you're helping a lot of people.
Hah, this makes me feel so much better about my small pile of aborted "I think I should write something about..." drafts.
Know how many blog posts I start writing but never finish? *HEAPS*! Sometimes the story just doesn't work out as expected, sometimes I calm down and change my mind, other times... I'm a busy guy 🤷♂️ Are there any here I really should finish?
I don’t think there’s a SOC2 rule against banking 50 pre-approved empty PRs for future use.
When looking at a big backlog of known work we want to drive, it's *so easy* to just group into themes and call it good. I can think of times I've done that which really, really would have benefitted from asking if the framing leads to an ability to confidently prioritize. 2/2
Someone asked today "Is that list of 'goals' *really* a list of goals, or just a some themes of work?"
I *love* that question & the insight behind it. True "goals" help prioritize among possible work, themes really don't. 1/2
Chrome was delivered without any sprints at all. The team came in at 9 and left at 5 (figuratively, people actually kept their own ~8h schedules) every workday for a couple years like clockwork. No drama. No broken marriages, no broken families.
@caseyjohnellis @timb_machine @UK_Daniel_Card Hah, funny you mention that. @ramimacisabird was saying that the other day, and we've been talking about what an updated, more thoughtful/communicative view would look like. What aspects looking most wrong or dated to you now?
Congrats to @Resourcely! Clear, exciting product vision at that critical touchpoint of developer velocity, security, and cloud resources.
Very pleased to have joined this round, and looking forward to seeing where @travismcpeak and @0xshellrider take this idea.
Hello world! We're on a mission to make cloud security easier for users. See our funding announcement (https://t.co/uBm6JTCAct) and blog post (https://t.co/xXLAUz4Pes) for more details.
We're #Hiring!
@deciban Ohhhhh, yes! I remember when TurboIntruder came out, but it didn't stick properly in my brain. I gotta go play with it now. Thanks!
Web timing attacks: super cool in principle, still super janky in practice. Seems like TimeTrial (https://t.co/tVkldL3epu) and Nanown (https://t.co/TPKkst2VPm) still best tools, but really janky to get running & require a known-good case. Anyone got suggestions? Banging my head.
Last Seen Users on Sotwe
Fenix flores
Seen from Thailand
Sevdanın son vuruşu
Seen from France
M Anas
Seen from United Arab Emirates
الشيخة نورة👸🏻
Seen from Algeria
AlexisDownUnder❤️🔥
Seen from Indonesia
Canino Latino 🐕🌭
Seen from France
جاوید او شازیه کپل کوهات نه
Seen from United Arab Emirates
JANDA DESA
Seen from Indonesia
فريال x
Seen from Egypt
الباشا
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers