@cryptax I'm very interested in this topic. I have two (ZScaler and CrowdStrike). CS said: "can't fix; that's just how it works" and ZScaler quietly fixed it over a weekend. Thanks, I guess?
But both of these vendor issues could be present in other EDRs and proxies. Not like I have access to S1, Cortex, Defender and Netskope.
New to this coordinated disclosure thing. But going to #bluehat helped.
The massive scale and growth of #lowcode inside Microsoft.
These numbers are from a presentation at MS #BlueHat conference where Michael Bargury and Don Willits talked about how to design an application security program for #PowerPlatform. Because when the numbers are 1000x compared to traditional AppSec programs, the traditional way won't work.
Full video here: https://www.youtube.com/watch?v=0jGUiaWAU04
Thrilled to share my BlueHat keynote is now live! 
"A Clash of Cultures Comes Together to Change Software" dives into how early hacker groups like the L0pht began collaborating with tech companies, reshaping software security.
Watch here: https://www.youtube.com/watch?v=w6SAqT4ZQik
Recently at #BlueHat, Vern Paxson shared insights on "Three decades of network security evolution", showcasing how rich data continues to shape the future of cybersecurity.
Corelight is proud to be at the forefront of this evolution, empowering organizations with the network evidence they need to tackle today's challenges.
Something quite wonderful occurred at #bluehat 2024.
Caught up with a former mentee I worked with on getting their #OSCP. They shared they are now in a masters program and doing amazing things at work, and loving it. This lit up my heart and sparkles.
Helping others achieve their goals and reach for things they might not have, is an honor and a privilege to be a part of.
Needless to say.. an excellent time at #bluehat. Great to reconnect with good humans, some good content, and a whole heap of recharging my hacker heart.
At #BlueHat today looking to connect with software supply chain security, code integrity and confidential computing enthusiasts 
Yesterday at #bluehat I presented on some new security capabilities in open source package repositories (npm, PyPI, NuGet, ...), how #openssf is helping those capabilities spread across ecosystems, and lessons learned for any defensive security team: https://coffeehousecoders.org/blog/scaling_out_securing_open_source.html
Time for Microsoft's #bluehat! And it starts with @weldpond talking about the history of L0pht and hacking.. @msftbluehat
We’re at #BlueHat today! Join us in the village area to learn to pick or try your hand at our competition!
We have added #BlackAlps 2024 and #Bluehat 2024 conferences to the #InfoCon archives https://infocon.org
The BlueHat 2024 application to attend is now open! If you’re interested in attending #BlueHat in Redmond, WA, USA, October 29-30, please submit your application here: https://msft.it/6018mpd3C
Like this and repost if you're applying!
More people on #bluehat #bluehat2023 should make the leap here from the birdsite. I feel most of the main #infosec community has already made that transition.
I'm just hash-tagging #bluehat so I don't get fined
AI is increasing everyone's attack surface, whether they're ready or not...
@eljefedsecurit called this out brilliantly in his #Bluehat talk today, enumerating the stack and mitigations.
Jason Haddix, former CISO of Ubisoft, shared tremendous lessons-learned from his own experience and those of his network hit by #Lapsus$ at Microsoft's #BlueHat conference.
These attackers focused on creds and cookies sold on the dark web on sites such as Genesis, then purposely avoided EDR by targeting web-based apps such as Slack and Confluence. They bypassed authentication controls with the end goal of VPN access.
Lessons learned:
- Add mitigation controls for stolen creds and cookies including shortening session length, monitoring dark market sales, and adding a bug bounty for leaked creds.
- Add a team for secrets management: "You definitely have hard-coded creds somewhere in your network."
- Additional authentication controls such as tighter impossible travel settings and maps showing geographic location of login requests
- Set up jump hosts and network segmentation to access infrastructure and security products
#Microsoft announces a new bug bounty program for #AI at #BlueHat keynote - details to follow on the bug bounty website. #BreakingNews
w00t!!!
3 targets 3 different vuln chains 3 Windows Hello full auth bypasses 3 live demos
#BlueHat 
I'm at this little known company today to talk about how my team @SophosXOps helped solve a ransomware problem earlier this year that threatened organizations around the world. Getting real stuff done to help protect people and defend the public is what I do! Boulder Strong! #BVSD #SchoolBoard #Boulder #Microsoft #BlueHat
On my way to #BlueHat this morning in a very wet Redmond. Ping me if you are also there and would like to meet up!
" 
Brandt 
