I am fighting with Product Engineering leadership and architecture in the value in a Security Champions program (5 people each 2-4 hours per week for first year) and also that attempting to mitigate the risk of sharing a secret by instead creating interdependence in infrastructure across divisions of ownership is also increasing risk.

Being thrust into infosec without support sucks.

#infosec #appsecproblems

Busy creating a new process flow diagram, honestly one of my small joys. The business systems analyst background in me really comes out some days.
#tech #WorkDay #AppSecProblems #SmallJoys

Randomly remembering that one time I stood up a phpBB forum in one painful weekend (with no previous web hosting experience) because my EQ2 guild wanted one.

Also looking back as an AppSec Engineer now, I'm a bit scared about the security of that and elements of my copy and pasted template! :blobcatfearful:​

#YouLiveYouLearn #MMORPG #AppSecProblems #CopyPaste

You know what I wasn't ready for at 10 am on a Monday.. a mock threat modelling session. My coffee had barely even kicked in. Also why do I have such a mental block with these? As a former business sys analyst and visual mapper you'd think this would be easy for me. :ablobcatderpy:

#AppSec #AppSecProblems #ThreatModelling #ThreatModeling