Remote follow

Darren P Meyer @darrenpmeyer@infosec.exchange

Applied AppSec Research @ Veracode ; I don't speak for them here. Part-time coffee and Arduino nerd.

28 Toots

8 Following

19 Followers

Toots Toots and replies Media

**Darren P Meyer** · Jun 30, 2018, 15:30

Darren P Meyer boosted

J @jeff · Jun 30, 2018, 15:30

The book that is mandatory reading at every data collection and aggregation company

**Darren P Meyer** @darrenpmeyer · Jun 22, 2018, 23:40

**Darren P Meyer** @darrenpmeyer · Jun 22, 2018, 23:40

The Veracode Research team is growing; we're looking for principal researchers for two roles for public-facing security researchers. Work on cool stuff, share it with the world!

1. https://searchjobs.ca.com/job/Burlington-Principal-Security-Researcher-Emerging-Technologies-MA-01803/483407200/

2. https://searchjobs.ca.com/job/Burlington-Principal-Security-Researcher-MA-01803/483404200/

**Darren P Meyer** @darrenpmeyer · Jun 19, 2018, 13:17

**Darren P Meyer** @darrenpmeyer · Jun 19, 2018, 13:17

I’m hiring a content developer for Veracode AppSec eLearning content; remote OK, nice perks including time for research projects

https://searchjobs.ca.com/job/Burlington-Security-Researcher-Content-Developer-MA-01803/477685300/

**Darren P Meyer** · Jun 18, 2018, 02:40

Darren P Meyer boosted

**emsenn** @emsenn@mastodon.social · Jun 18, 2018, 02:40

@darrenpmeyer Upper right corner of the image has the url: http://michaeldashow.com/

**Darren P Meyer** @darrenpmeyer · Jun 18, 2018, 01:13

**Darren P Meyer** @darrenpmeyer · Jun 18, 2018, 01:13

"Delivering the Pen Test Report"

(can't find a good source, lmk if you know so I can credit)

**Darren P Meyer** @darrenpmeyer · Jun 17, 2018, 00:00

**Darren P Meyer** @darrenpmeyer · Jun 17, 2018, 00:00

Is there any event/party planning system that doesn't have a shit privacy policy?

**Darren P Meyer** @darrenpmeyer · May 21, 2018, 04:05

**Darren P Meyer** @darrenpmeyer · May 21, 2018, 04:05

It's frustrating enough when normies use "random" to mean "unpredictable" in technical contexts; it's inexcusable for a security pro to do that

**Darren P Meyer** · May 15, 2018, 01:30

Darren P Meyer boosted

**Hugo Lefeuvre** @hle@mstdn.io · May 15, 2018, 01:30

Thinking of #EFail again: I don't think it's going to change anything.

Non technical people didn't use it until now and will not start using it.

Technical people understanding these issues will continue to use it.

**Darren P Meyer** · May 09, 2018, 20:37

Darren P Meyer boosted

**cwcopa** @cwcopa · May 09, 2018, 20:37

Excel will support JS. The end is near.

**Darren P Meyer** @darrenpmeyer · May 09, 2018, 02:16

**Darren P Meyer** @darrenpmeyer · May 09, 2018, 02:16

I see the InfoSec nihilists are out again. 'customers only want likely threats, all else is waste' and 'breaches are basically random' and all that

It's not waste, threats are not random, you can make yourself less of a target; AND you could still be breached, should focus on response and recpvery too, etc.

**Darren P Meyer** · May 07, 2018, 01:23

Darren P Meyer boosted

**mathias** @vagnes · May 07, 2018, 01:23

Infosec is a bit like medicine.

You do what you can preventively to mitigate disease/hacks, but mostly you are going after symptoms. Treating the symptoms may work for a while, but eventually that won't work anymore.

Luckily, CVE names are easier to remember than gene and histone subunit names.

#infosec

**Darren P Meyer** @darrenpmeyer · May 06, 2018, 20:17

**Darren P Meyer** @darrenpmeyer · May 06, 2018, 20:17

Source: https://www.smbc-comics.com/comic/mimic

**Darren P Meyer** @darrenpmeyer · May 06, 2018, 20:17

**Darren P Meyer** @darrenpmeyer · May 06, 2018, 20:17

If it swore a lot, could also be mistaken for an infosec pro