Description
Threat Insights group weekly discussion, APAC-friendly time, 2021-02-16
B
B
C
E
D
E
It's, it is very, very chilly. The power's been on for about an hour and a half, so we've been running around charging all the gadgets again and all the, all the little backup batteries for the phones, cranking up the heating. The heat is on. We actually, we've been warned that we may be losing water too. Other people in other areas have lost all their water, so we filled the bathtubs and a bunch of bottles of filtered water, got all the firewood inside.
E
C
F
I don't know, I assumed you gonna do it, all right? Let me share my, share my screen and perhaps I should select the right board, so we don't think we're doing 108 points.
E
F
F
We're going to ignore things in refinement and we're going to start with the blocked issues, Lindsay. This doesn't look right. We had more blocked issues too.
F
D
C
F
That is what I want. Yeah, cool, so that'll give me a chance to open on my window the priorities issue for, for Threat Insights. So number one: Jira integration; number two: generic security report; number three: filter project vulnerability report by vendor name; number four: bulk updates; number five: dismissal types and reasons. Thank you, and everybody else can read now for the, for themselves.
F
So back to the board, starting with, with blocked.
F
We have that MR refactors top, waiting, waiting on something else to unblock it, the Jira, which is the number priority, so maybe that should be at the top, Lindsay. Future flag. Thank you, then.
F
The third one is about the generic schema and it's blocked by, by something else, and my refactor, I think, is a, is, yeah, it's right, it's below the generic schema. And then all the other issues below that, I believe, are related to a technical debt epic, to remove, to remove project fingerprint and to remove raw metadata, so two different epics there, and then at the bottom.
F
That is priority number five, dismissal types, yeah.
C
So that should come up as well. So Thiago and I switched, we've been kind of back and forth about how we're indicating that something's blocked, between just having it in the ready for development with it indicated that it's blocked by having a blocker issue. We pulled all of those items into this blocked column just before this call, so you're wondering why those moved around. We'll have to make sure that we catch when they're unblocked and move them back into the right priority order and ready for development.
C
F
So far so good. So the intent of this is to, to cause anyone who doesn't recognize a, an issue or, or disagree with the priority to speak up. So please feel free to interrupt me as I'm blabbering down. So now, I'm ready for development.
C
I want to call out that, because Thiago and I prioritize these issues, these lists separately between front end and back end, it's just sort of resulted that the back end is at the top of the list, and the front end is below that. That doesn't mean these are higher priority issues. I assume that most people, when they come in, they're looking at their filtered list and they see just front end or back end, and then you would see the, the correct priority in that sense.
F
Think, yeah, we're learning here, so we'll see if this works and, and then we tweak the format. It's the first time we're doing this. So in, in ready for development, for the back end, the first one is enabling, I believe, the priority number three, the filter project vulnerability report, so that's in there so we can unblock the front end. The second one, dismissal, so that's priority number five; again, it's there so we can unblock the front end. The third one is a priority two bug, so it's, it goes in there.
F
F
F
C
F
And I said I wasn't going to do refinement, but just because the generic security report is a blatant absence from the ready for development, it, it's, it's in there, that's the top issue there. It's just so we can do the, the validation.
F
C
Feel free to interrupt and ask any questions. We just want to make sure that everybody is aware of what's being focused on and nothing's a surprise. So I do think that Thiago's done a better job of pruning down the amount of work that is in 1310 from back end's perspective, so some of the items for the front end may need to move out to a future milestone. So just going through, I'm gonna kind of skip over the refinement.
C
These are mostly bugs, with the exception of this top issue that Daniel's been working on, the plan for what this new schema should look like, and this is dependent on, the refinement of this is dependent on that spike that is in progress right now. So that's why that's sitting there. The rest of these are bugs that we hope to get into the milestone, but we do have a lot, like I said, a lot on the plate already. We've already talked a little bit about what's blocked, enabling the Jira for vulnerabilities.
C
C
C
Some UX improvements, so we've got two related issues for UX improvements around making the link both to the vulnerability details page and the file in which the vulnerability was found clickable and look like links. Some improvements to the error display, and I know this is technical debt, so I know these aren't in our priority list.
C
Some wrap-up work on the timeline chart, vulnerabilities over time, and then some more debt. I know we have work around the generic schema, but that's still in thirteen nine and in progress, so, and I think that's worth just looking at, because I didn't move all of the issues over from thirteen 9 for the front end that are in progress.
C
We need those just to call out that we've got a lot of the high priority issues still sitting here in 13 nine that will need to be moved.
F
C
There, it would be really nice to get to do the group by epics for this view, to be able to look at things across front and back end. It's just, it's a very slow performance-wise and a little buggy, and we've got a lot of epics listed. So I think that's one area that we can improve, to be a little bit more focused and not have as much going on at once.
C
F
No, it looks pretty straightforward to me.
F
E
No, this is great. Thank you both for helping clean this up. It's gonna take me a few hours to at least get caught up in what I missed the last couple days. So if there's anything on fire, just ping me directly and I can look at it quickly, but I've had about 45 minutes of online time in the last two days, a lot to catch up on.
F
F
E
F
E
Like it. It's, I want to make sure, is that going to be too much for you and Lindsay to do something like that every time? I know you did all the heavy lifting on this one.
F
F
I wish we could have done that same thing, but we'll do it next week. But if it's a format that people appreciate, and I like, I like calling out the priorities, so the team understands why they're working on something, and it just gives you another chance to say, hey, this isn't the wrong spot, or I, I, I don't see, and, and if also, if there's something that, Matt, you, you believe should be in there, we can also use that, say, okay, what do you want to take out then? Like the, the stack?
F
E
F
B
I love it. Yeah, so I'm here because Lindsay mentioned you're going to do a milestone kickoff today, so I love seeing that visibility, transparency. I think it's something I've desperately been wanting for myself. So I'm happy to see what other groups are doing. So, thank you.
C
Yeah, Sebastian added a topic under the demo, so there was a question around the bulk vulnerability updates, and I know, Andy, you've been part of this discussion with him. Would you mind summarizing?
G
I don't think it's detrimental to the experience. I think it's good to ship.
E
I think it would be nice, but we're not really taking a step back since it's already, you don't have the same behavior today between what you get from the vulnerability report view versus the detail view. I think if we just explain that we're going to bring parity, that's a good place we can cut it so that we don't roll an entire feature over again.
C
I know you're busy, so I think either Andy or I could summarize in the response of this issue for savage then. So it sounds like we do, we can move forward with this current MR without feature flagging it or delaying launch until we get this additional feature. Okay, thank you.
C
Andy, I'll take care of responding.
C
Yeah, and we still have 12 minutes. Yeah, and I figured we're going to take up the whole half hour today with this kickoff discussion. But there still is a little bit of time, and I guess it's more like seven minutes, because we stop at five minutes before the half hour to talk about the planning breakdown, and I think Thiago's got something diagonal verbalize. What you're saying I cheated.
F
I, a late entry there, but just wanted to appreciate Andy's immediate response, and we were trying, as we're trying to work out the generic schema report ingesting, that we figure out that showing the errors in the, in the log in the CI job isn't possible. I mean, it's possible, but probably not desirable, and then think, well, where do we put it? And it was really good and quick to sort it out with Andy.
F
He picked up, it's not the first time, it's not the last time, but I don't know, just want to say thank you because you, you always catch on quickly and respond quickly and give us a way forward. So thank you. I think it's actually done. I think we're done there, right? We've got the copy. We got everything we need to proceed.
C
D
C
C
We may have to look at priority and adjust if you want to still pull that in. Is that something that you want to try and do? Because if so, we should take a couple minutes and talk about that issue right now.
E
Well, let me look at this one again. So it was actually suggested by a customer. That was why I was trying to get it in. It did seem like it would be, hopefully, pretty small since we're just extending what's already there in the export, and I think that these are both pieces of information we've already got.
C
So we can take a look at some of the lower priority feature items or, Thiago, whether there's some technical debt that we could move out. I'm not sure. I believe this would be back in, because this is all delivered. We're back in the API.
F
Like there's one thing for the back end, that's, I believe it's being refined, which is the API to manually create vulnerabilities. That is a far priority for us, that's number eight, and, but the reason I put it there is because it helps dust. Could, could ditch that one, but there's probably tech that, that I clean up as well. So if, if we want to agree for this to be a deliverable, I, I can make room for it.
F
F
E
So it's just the date detected and then, depending on what type of vulnerability, the location, so we'll have a location field. So it's file path, name, line number, URL if it's an endpoint like for desk, and for containers, we're going to get the image name and the container location, basically exactly we would display in the vulnerability details today.
F
I see no carrots in there, but I just read it and I think I understand it, so I'm, I'm carroting it, and Shubhash's. You probably didn't have a chance either, and I don't think you've worked with this before. I, I don't see this being higher than a two, because all the fields already exist. It's literally just adding the fields to the CSV export.
F
So you can treat, so you can serialize that correctly for the right, for the right type, because, because dynamic analysis will have a URL and a path and static analysis will be a line number somewhere. So we just need to account for that, but that's my feeling. Which means, Lindsay, do you mind sharing the board so we can pick two points to, to heat, eat into 13 11, please? My daughter, my, my kids, my daughter loves using meat. It's a favorite word.
C
A
Yeah, so we added recently block path as well in the location in the GraphQL. Should we add block path as well, like in the location things?