Damus
ARGVMI~1.PIF profile picture
ARGVMI~1.PIF
@ARGVMI~1.PIF
I need everyone to understand that they're not going to solve the supply-chain-attack problem with AI, checklists, government regulations, million-dollar auditors, proprietary patent-pending fuzzy-logic scanning software, or any of that other nonsense.

That's a Band-Aid at best, and often makes things worse.

They're going to solve this problem by allowing programmers to move slowly and avoid breaking things.

Also known as “discipline”.

That is the ONLY way.

#cybersecurity #security #infosec
2
V · 8w
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq9zsljfx8tjyzplququr9xmqctclx0qc2mw5xydzx0udqzrfade4qmtrtl5 supply chain attacks are a lot harder if you know: - what your dependencies even are. - Why you are using them. - Where you gt it from. - Who you get it from. Not that they can't still ...
ARGVMI~1.PIF · 8w
I don't care what your board of directors thinks. They aren't responsible here; you are. I don't care what some briefcase-wielding salesman says you can “optimize” or “pivot to”. He won't bear the consequences; you will. I don't care what your competitors are doing. They'll suffer massive ...