►
From YouTube: Threat Insights Weekly Group Discussion
Description
Weekly meeting for the Secure:Threat Insights group
A
A
C
A
D
A
D
The
little
demo
is
great
in
the
animated,
gif
Daniel
and
the
issue,
if
you
could
put
it
on
on
filtered
as
well,
that
would
make
you
know,
maybe
even
like
a
60
second
walkthrough.
That
would
be
great,
then
more
I
think
it'd
be
more
accessible
to
more
people
more
findable
by
more
people.
So
in
general,
do
you
could
do
that?
You
know
at
some
point:
that'd
be
awesome.
Okay
will.
C
F
D
F
D
Other
question
I
know
we
had
challenges
with
browser
width
issues,
changing
the
width
and
then
texted
over
right,
so
not
that
this
change
would
reintroduce
that
problem,
but
just
because
it
wasn't
introduced
once
it
might
get
introduced
again
accidentally.
So
it
looks
like
Alexander
you're,
you're
gonna
give
another
try
to
verify.
Yeah.
F
D
E
F
H
E
There
isn't
really,
there
isn't
really
like
good
overflow
rules
like
built
into
our
design
system,
just
yet
like
I
think
in
the
mocks
that
are
going
to
be
through
planning
breakdown,
I've
built
in
some
of
like
the
prescribed
overflow
behaviors
that
we'd
like
to
see
in
the
security
dashboard,
as
well
as,
like
maybe
some
margin
with.
Let's
this
matter,
I'm
just
getting
hoping
for
anything.
This
cuz,
like
yeah,
some
of
these
strings
go
super
long,
yeah.
H
The
only
reason
I
ask
is,
it
might
just
be
a
little
bit
more
bulletproof
if
we
had
a
hard
and
fast
rule
because,
like
for
the
gymnasium
identifier,
for
example,
I
don't
normally
look
at
projects
that
have
those
right
there
through
sample
project,
so
they
tend
to
be
CBS
and
cwe's
or
a
lot
shorter,
and
then
the
gymnasium
ones
were
like
this
long
gooood
with
the
thing
we're
like
it
broke
it.
But
we
didn't
know
that
that
was
an
option.
H
E
Yeah
I
commented
in
other,
mr,
that
was
about
the
fix
for
the
identifier
column
that
Alexander
brought
up
and
that
we
can
go
to
two
lines
and
then
do
the
ellipses
I
think
we
can
give
enough
information,
even
in
a
small
column,
at
two
lines
to
break
the
gymnasium
hash
into
two
lines.
I,
don't
know
what,
if
anybody
can
interpret
that
hash
dollars
the
top
of
it,
but
it
is
help
in
identifying
the
individual
vulnerabilities.
We.
G
G
That
I
don't
know
what
what
works
better
on
the
testing
framework
Alexander.
Maybe
we
take
it
offline,
but
but
the
point
that
I
was
making
is
that
because
Matt
mentioned
well,
I
didn't
know
that
the
identifier
could
be
longer.
But
if
we
look
into
the
database
we
do
know
how
long
everything
can
be
and
if
something
can
be
super
long.
Rest
assured
at
some
point
something
will
come
up
to
fill
up
that
space
and
and
then
things
might
break.
H
Yeah,
that's
a
great
point
Iago.
Maybe
we
should
raise
that
as
we're
making
some
these
UI
change
just
just
to
point
out
like
we
need
to
at
least
account
for
the
case,
even
if
it's
not
something
that
we've
got
in
there
today,
especially
since
this
is
a
lot
of
this
we'd
hope
that
more
third
parties
are
gonna
integrate.
If
it's
in
the
spec,
then
they
should
have
every
right
to
not
see
something
broken
if
they're
filling
out
the
fields.
The
way
we
tell
them
they
can
and
if
it's
different.
A
A
A
All
right
we
discussed
this
last
week
and
I
was
asked
to
create
an
issue,
so
I
put
it
back
on
the
agenda
and
it's
in
planning
breakdown.
So
this
came
from
discussions
around
some
of
the
data
integrity
issues
that
we've
been
seeing
and
I.
Think
Jonathan
was
the
one
maybe
who
asks
for
this
right
to
look
at
other
legacy
models
to
see
if
we
ran
into
this
problem
anywhere
else.
Yes,.
I
A
B
It
would
be
the
implementation
of
this
one
to
identify
what
we're
doing
to
information
we
have
in
conjunction
with
the
Mets
issue
of
that
nine
one,
five
determining
if
the
existing
data
needs
to
be
copied
and
then
do
a
background
migration
with
that,
and
that
would
that
getting
that
first,
one
done
and
I
actually
put
a
note
in
that
issue
as
well
to
kind
of
prioritize
updating
the
database
model
so
that
we
can
see
where
we
have
redundancy
and
where
we
need
to
look
now.
I
should
put
a
note
in
there
about
that
to
you.
G
C
G
D
H
D
So,
just
one
to
make
sure
you're
aligned
to
you
know,
I
can't
comment.
I
put
it
in,
and
the
issues
which
is
Deb
and
I
know
Jonathan's
was
the
bane
of
your
existence
for
a
while
of
the
load
data
migrations
put
on
the
database
from
the
launch
of
first-class
phones,
so
I
just
put
it
keep
an
eye
on
that
as
well.
If
it's
potentially.
C
D
B
So
far,
they
you
know
with
Ross's
background
migration.
In
the
last
last,
one
I
did
bathe.
They've
been
pretty
good
with
about
the
load
on
there,
especially
since
I
made
it
what
Ross
had
done
and
as
long
as
we
go
out
kind
of
what
we
did
there.
Those
are
basically
approved
kind
of
patterns.
Yeah
patterns
to
work
through
so.
D
A
Cool
tango,
can
you
move
this
one
through
the
workflow
and
assign
it
to
someone
for
refinement?
Thank
you.
Moving
on
this
is
item
that
made
it
through
design
recently
pretty
straightforward.
We
bring
it
here
so
keeping
in
mind
that
we're
talking
about
planning
breakdown.
Do
we
understand
the
work
boundaries?
We
feel
that
all
the
requirements
are
clear
enough
and
do
we
believe
this
is
something
that
we
can
complete
with
in
one
iteration.
This
is
the
addition
of
this
detected.
A
F
A
A
C
C
H
The
reason
I
was
asking
is,
if
all
the
work
is
self-contained,
not
just
within
the
issue
itself,
but
the
will
say
the
engineer.
The
need
to
split
it
out
would
be.
This
was
the
case
that
I
think
jago's
is
for.
You
joined
that
I.
Call
that
as
like
this
is
the
happiest
path.
I,
don't
think
we
need
the
epic,
because
then
you've
got
a
container,
that's
just
holding
the
one
thing
that
is
directly
action
by
one
person.
A
A
A
All
right-
and
so
then
we
have
a
suite
of
other
dashboard
related
issues
so
about
restructuring
all
three
of
our
dashboards
Matt.
Is
there
one
or
Andy?
Is
there
one
of
these
that's
best
to
look
at
first,
assuming
it's
not
the
group
one
because
of
the
way
we're
moving
things
around
and
the
different
pages
well.
H
They're
kind
of
a
little
bit
different,
so
I'll
say
at
a
high
level.
The
intent
of
all
of
these
is
to
start
moving
the
vulnerability
list
itself
out
into
a
separate
component
and
then
over
time,
we'll
really
build
the
dashboard
into
like.
Today
it's
not
much
of
a
dashboard.
This
is
more
like
the
fingertip
information,
but
we
need
to
get
the
information
with
which
to
replace
the
instance.
Level
is
going
to
be
adding
navigation
where
there
is
none
today.
So
that's
probably
the
biggest
one.
H
The
group
level
is
probably
the
most
straightforward
and
that
there's
already
the
two
chart
components
that
will
stay
behind
out
of
the
dashboard.
The
project
is
actually
a
little
weird
because
there
isn't
a
dashboard
today
it
is
just
the
vulnerability
list,
so
we
would
actually
leverage
one
of
these
components
from
the
group
in
the
project
or
that
instance
dashboard.
So
a
lot
of
words
to
say
actually
Lindsay
I
respectfully
disagree
group
might
be
the
best
place
to
start.
Let's
go
there
then
I.
A
Always
like
to
start
with
the
designs-
and
you
know
to
Wayne's
point
that
he
said
one-on-one
to
me-
we
don't
necessarily
need
to
share
in
this
meeting.
I
know
people
have
liked
it
before,
but
please
feel
free
to
just
follow
along
in
your
own
browser
and
ignore
me,
if
you
want
to
here
in
the
screen,
share.
D
Can
we
do
it
and
separately?
How
can
we
do
it?
Iteratively
not
like
do
the
entire
dashboard,
for
you
know,
I,
don't
know
group
in
one
in
you
know
in
one
Co
suit,
but
do
things
more
iteratively
and
roll
it
out
iteratively
as
well.
I
could
see
us
going
either
route
and
you
know
the
more
iteratively
we
can
do
it,
which
which
might
hurt
usability
in
the
short
term,
as
we
do
all
the
other
changes,
of
course
right.
D
C
A
Is
correct
but
I
want
to
add
one
detail
that
I
think
reflects
what
Wayne's
question
is
you
know
these
designs
could
break
down
into
multiple
MVC's
that
we
can
find
ways
to
make
these
smaller
buckets.
That
would
benefit
the
customer
and
get
those
out
into
like
this
particular
design
issue
might
end
up
representing
suit,
let's
just
hypothetically,
say
three
different
NDC's
and
then
with
it
within
each
of
those
MVC's
I'll
come
feature
issues.
We
would
break
down
implementation
issues
which
would
be
the
front
end
and
back
end
tasks.
A
D
A
A
F
F
Yeah
I
agree
that
this
could
be
broken
up
into
several
MVC's,
like
there's
a
lot
of
work
here
to
the
vulnerability
reports,
adding
tabs
and
stuff
like
filtering
and
columns
and
stuff.
That
could
certainly
go
in
like
if
you
want
like
a
phase
2
like
phase
one,
could
simply
be
create
the
dashboard
and
move
the
dashboard
components
over
there,
and
that
certainly
seems
within
one
iteration
and
then
pull
have
the
vulnerability
list
being
its
own
thing.
A
That
I
think
there's
a
few
other
hidden
improvements
on
this
view
of
the
vulnerability
report
as
well.
I
know,
I
asked
a
question.
One
of
the
other
issues
I'm
sure
implies
here
that
these
values
they
currently
just
reflect
what
the
detective
vulnerabilities
are,
but
they
should
update
according
to
Andy
based
on
filters
selected.
So
things
along
those
lines
would
phones
that
ladder
vulnerability.
Report
NVC.
A
A
Thank
You
implementation
this
year,
I
think
that
would
reflect
across
at
least
both
the
group
and
the
instance
dashboard,
but
the
project
that
word
might
be
slightly
different
because
we
don't
have
those
sort
of
report
lists
here.
You
know
the
the
side
report,
so
the
work
here
is
a
bit
different
and
maybe
we
look
at
that
one
separately
and
see
if
that
should
be
broken
down
in
a
different
pattern.
F
F
A
Is
that
kind
of
the
the
breakdown
that
you're
talking
about
Alexander?
You
know,
move
things
around
and
give
it
its
own
navigation
so
that
the
report
lights
are
on
their
own
and
then
the
second
one
would
be
potentially
could
be
even
broken
down
into
further
issues
that
we
can
cross
that
bridge
when
we
get
there
around
the
update
specific
to
that
vulnerability
report
in
the
functionality
that's
presented
there.
A
Son,
okay
to
everyone
for
at
least
these
first
two
and
then
we
can
take
a
look
at
the
I
think
we
have
time
still
to
take
a
look
at
the
project
security
dashboard
to
see
if
we
should
have
a
separate
breakdown
for
that
one,
okay,
so
project
and
hopefully
everyone's
had
a
chance
to
look
at
this
already.
I
know
these
were
late
adds
to
the
agenda.
If
folks
want
to
wait
and
come
back
to
this
next
week,
we
can
but
there's.
D
A
I
need
to
play
around
of
this
zoom
to
fit.
No,
that's
not
right
either.
So
the
top
rail
really
good
project
levels,
so
Andy
you're
saying
to
go
from
here.
How
do
you
want
to
drive
Indy,
and
we
only
have
a
few
minutes
left
but
clearly
I,
don't
know
how
to
use
Sigma
very
well,
I'm,
really
flailing.
Here.
E
D
E
If
we
look
at
the
list,
that's
kind
of
why
I
was
asking
about
the
column
with,
because
all
the
data
in
here
start
is
gonna
get
very,
very
friendly
with
the
introduction
of
activity.
We
have
scan
type
identifier,
we'd
like
to
add
in
the
ability
to
sort
these
rows,
so
this
functionality
does
exist
in
the
alerts
list
that
the
monitor
team
just
enabled.
Oh,
so
maybe
we
can
steal
some
of
that
and
just
identifying
what
the
fee
filters
will
be
in
these
new
rows.
E
So
activity
scan
type
is
TBD
on
the
terminology
there,
but
other
than
that
there
aren't
huge
changes.
Aside
from
the
taps,
all
right
detect
the
date
you'll
note,
we
don't
do
something
with
your
lab
does
normally,
which
is
kind
of
say
like
one
day
ago.
One
week
ago,
we
want
to
be
a
little
more
precise
cuz
one
week
could
be
nine
days.
C
E
A
Thank
you,
Andy
I
think
that'll
help
everyone
to
review
this
for
the
next
discussion
that
we
have
and
for
that
discussion
we
should
hopefully
have
the
further
broken
down
versions
of
the
above
to
MVC's
that
we
talked
about
the
2-4
issues,
so
I
won't
be
here.
So
good
luck
and
I
think
that's
the
last
agenda
item.
Is
there
some
PTO
coming
up?
So
please
take
a
look
at
who's
gonna
be
out
in
the
next
week
or
so
I'm.
H
Just
real
quick
I
will
say
most
of
the
changes
to
the
list
itself
are
contained
in
that
project
view
I.
Think
that's
gonna
need
to
be
last
because
it
is
such
a
wide
component.
The
group
in
the
instance
dashboards,
are
constrained
by
the
widgets.
So
let's
try
to
look
at
getting
those
broken
down
like
just
the
splits
yeah.
We
talked
about
the
group
of
the
instance
level
and
then
I
think
the
project
is
really
gonna
be
last
with
all
the
the
list
updates
makes.