►
From YouTube: Defend: Threat Insights Weekly Group Discussion
Description
Weekly meeting for the Defend:Threat Insights group
A
Oh
welcome
to
the
weekly
threat
insights
group
discussion.
We've
got
a
number
of
items
on
our
agenda
today,
Owens
somewhere
added
since
I.
Looked
yesterday,
Sebastian
Alexander,
I,
didn't
gonna,
see
your
guys
just
demos.
Yesterday
when
we
looked
so,
we
don't
have
any
follow-up
from
previous
discussion.
So
unless,
if
anyone
wants
to
bring
anything
up
right
now,
some
of
it
might
fall
down
into
planning
breakdown.
Some
of
those
are
I
think,
maybe
repeat,
visitors,
alright,
sloshed,
adding
attaching
initiated
to
a
vulnerability.
B
A
C
A
C
A
Who
needs
reactions
for
sticky
things,
I,
don't
know
what
that
would
be
like
I,
don't
even
think
we
have
slack
emojis
for
sticky
things
that
sounds
kind
of
gross
all
right.
We
are
on
to
planning
breakdown,
Thank
You
Sebastian
Alexander,
for
sharing
the
demos
Matt.
Do
you
have
any
questions,
observations.
D
Lost
my
suit
wind
up,
sorry
yeah,
it
looks
awesome,
I'm
excited
about
the
the
header
as
well.
That's
one
that
I
know
it's
gotten
added
fairly
recently
to
things
like
on
some
of
the
issues
in
the
mrs,
even
since
I've
been
here,
and
that
has
made
a
super
big
difference.
D
A
Issues
are
planning
breakdown
and
so
I
added
these
first
two,
because
there's
just
been
a
lot
of
discussion
and
for
our
handbook
once
you've
gone
back
and
forth
the
number
of
times
we
should
talk
synchronously.
It
looks
like
somebody
already
answered
my
first
question:
I
thought
these
were
duplicates
and
which
one
should
we
close
so
I
already
see
that
the
six
five
six
issue
has
been
closed,
which
was
the
bug
that
was
reported
by
kam
Eldon,
and
then
we
have
sort
of
the.
A
This
was
the
original
feature
issue
that
was
closed
because
it
was
verified,
the
notify,
a
user
when
evolvability
is
resolved
to
zero
seven
one,
eight
three,
so
there's
a
lot
more
information
on
here,
but
unfortunately
that
means
you've.
Just
you
have
to
scroll
a
lot
to
get
through
it
I
think
I'm,
remembering
this
correctly.
So
we've
had
this
groom
already.
A
C
A
I
wasn't
sure
which
one
was
which
one
should
be
closed,
that
is,
a
I
believe
they
both
represent
the
same
issue.
The
same
root
issue
is
that
on
the
dashboard,
once
vulnerability
has
been
resolved,
we
no
longer
see
it
in
the
default
branch
that
we
message
to
the
customer.
In
the
dashboard
view,
it's
like
a
blue
resolved
label
I
believe
it
still
works
on
the
standalone
page,
we're
still
showing
the
banner
at
the
top
of
the
santalune
page
and
at
some
point
this
worked
on
the
dashboard
view,
but
it
stopped
working.
A
D
A
E
So
the
main
problem
is
that
we
are
not
returning
that
information
to
the
front
end
so
and
big,
and
this
is
happening
because
we
don't
have
that
in
the
type
in
graph
QL.
So
it's
not
available
for
you
to
to
get
a
single
like
information
about
about
its
vulnerability
when
you're
getting
the
list
and
then
I
started
digging.
Why
do
we
we'd
not
have
that
and
I
found
that
there
is
a
matter
that
is
calculating
that?
Basically,
it
does
few
calls
to
SQL
to
database
to
get
that
information
and
idea,
and
then
I
started
thinking.
E
Oh,
we
cannot
do
that
when
we
were
like
rendering
a
list.
We
need
to
do
something
more
efficiently.
So
that's
that's
why
I
ended
up
with
having
having
the
whole
idea
and
bringing
the
risk
high
and
also
getting
the
weight
of
the
of
the
issue
so
high,
because
we
are
potentially
touching
the
most
critical
like
area
of
gitlab.
We
want
to
be
able
to
merge
things,
so
we
will
wish
not
mess
this
up.
A
That
makes
sense
whenever
I
see
a
weight
of
an
eight
Alan.
If
my
first
question
is,
is
there
a
way
that
we
could
break
this
down?
Because
that
does
feel
very
large
if
it's
based
on
risk?
That
might
not
be
possible.
But
if
you
think
that
there's
ways
that
we
can
do
that,
we
should
discuss
that
because
that's
the
goal
of
planning
break
down
right,
yeah.
E
A
E
A
D
Have
a
few
I
guess:
the
first
thing
is
I
my
initial
reactions.
We
should
probably
raise
this
from
a
p4s,
for
since
it's
been
reported
by
several
internal
users
and
I
think
there
was
a
customer
support
ticket
on
it.
It
seems
like
a
fairly
low
severity
but
I
think
or
yeah
I,
probably
like
the
bump
of
priority
of
potentially
two.
A
D
D
C
A
A
A
C
C
C
A
F
D
D
A
D
D
Just
gonna
say
given
what
you
point
out
about
this
being
a
fairly
small
piece
of
work,
but
very,
very
high
risk
in
terms
of
downstream
consequences.
Is
there
are
there
other
folks
that
we
could
leverage
to
help
kind
of?
Maybe
I
would
also
mitigate
the
risk,
but
give
us
higher
confidence
that
we
haven't
broken
anything
like.
Maybe
the
teams
that
are
actually
responsible
for
DMR's
or
even
bringing
in
our
I
believe
we
have
a
temporary,
stable
counterpart
from
the
QA
team.
D
E
I
will
see,
but
definitely
I'll
I'll
try
to
find
someone
from
I'm,
not
sure
if
from
other
team,
but
that
the
QA
will
help
us
here
like
there
are
other
things
to
mitigate
the
risk
like
not
the
week
in
a
synchronous
way,
but
just
delegate
the
work
to
some
by
current
worker,
and
it
will
do
the
work
for
us.
So
that
means
we'll
not
to
break
anything,
but
the
the
only
risk
that
will
might
happen
is
that
we're
gonna
not
have
the
label
anyway.
So
so
so,
I'll
take
a
look
differently.
D
A
C
C
A
D
A
D
A
C
A
Alright
I
got
excited
that
we
had
a
refinement.
State
Alexander
started
asking
a
bunch
of
questions,
that's
great.
So
this
is
questions
around
how
the
current
create
issue
button
plays
in
with
all
of
this
right,
Alexander
correct,
so
we
basically
be
moving
it.
It
won't
be
up
in
the
top
corner
anymore.
It'll
only
exist
here
in
this
new
real
estate.
A
C
D
Bit
of
a
shortcut
to
not
having
I
guess
an
alternative
at
the
moment
like
having
one
remediation
issue
and
then
multiple,
mr,
isn't
that
kind
of
thing
so
we'll
say
we're
just
sort
of
deferring
their
conversation
around
one
too
many.
By
giving
you
you
get
one
issue,
that's
directly
linked
and
the
others
are
I.
Guess:
they're!
Gonna,
look
to
your
point!
Lindsay
they're
gonna
look
the
same
at
the
front
end,
but
on
the
back
end
they
will
be
linked
a
little
bit
differently.
If
I
don't
follow
the
conversation
here
correctly.
The.
A
A
B
B
A
A
strict
one-to-one
relationship
between
issues
and
vulnerabilities-
this
is
asking
us
to
on
top
of
having
that
one-to-one
relationship.
I,
don't
say
relations,
that's
wrong,
but
you
can
also
relate
other
issues
that
were
not
created
from
that
vulnerability.
So
what
you're
saying
today
is
correct
so
much
in
the
future
that'll
change,
because,
in
addition
to
that
that
one
special
issue
you'll
be
able
to
relate
other
existing
issues
to
it
all
right
Alexander
how
to
get
questioned
about
sort
of
what's
available
in
the
back
end
back
end,
it
looks
like
a
met
has
answered
that.
A
D
C
Actually,
after
like
looking
at
this
and
scrolling
all
the
way
down,
I
thought
there's
more
comments
after
mine,
but
there
or
not
they
were
all
above
mine
and
so
from
the
front
end.
It
looks
good
and
now
I
now
I
have
no
idea
what
Thiago
meant
about
what
work
is
left
for.
This,
so
seems
good
to
me.
I.
D
E
A
A
C
Yeah
I
think
you
know
first,
just
like
moving
the
create
issue
button
down
and
creating
that
box
I
mean.
Obviously
we
can.
We
can
add
this
box
and
the
Create
issue
without
being
able
to
add
issues
that
might
be
like
the
fastest
win,
or
vice
versa
like
create
the
add
issue
button
and
then
be
able,
add
them
here.
I
know,
I
think
that's
seen
it's
doable
so.
A
C
A
A
Okay,
so
then
I
guess
I'm
a
little
unclear
if
there
is
some
back-end
work
to
do.
We
kind
of
get
into
this
place,
though,
and
we
want
to
split
things
down,
and
we
want
to
do
that,
and
you
want
to
encourage
that
and
that's
great
I
feel
like
we're,
always
doing
fancy
footwork
and
like
where
does
the
backend
work
live?
Where
does
the
front-end
work
lives?
I,
think
what
you
described
Alexander.
That
first
step
would
just
be
front
end
right.
It's
just
moving
things
around,
so
I
can
work
with
you.
A
This
is
some
time
today
to
create
that
issue
or
I
can
create
it
and
send
it
to
you
and
have
you
give
it
a
look-see,
and
then
we
can
keep
this
existing
issue
that
we
were
just
looking
at
to
add
that
additional
back-end
functionality
of
relating
issues
and
building
on
top
what
that
front-end
first
issue
would
be
cool.
Okay,
I'm
gonna,
take
a
action
item
here.
C
A
F
B
A
C
I
I
strongly
agree
with
what
slash
is
saying
because
I
know
I
have
at
least
one
ticket
that
has
been
in
dev
for
me,
but
them
not
actually
working
on,
because
the
back
end
is
working
on
right
now,
and
so
it
looks
like
I'm
have
a
lot
more
on
my
plate,
but
really
I'm
like
just
sort
of
waiting
for
this
and
then
what
they
do
and
their
stuffs
in
reviewing
zoo,
B's,
AB
and
stuff.
Like
that.
A
It's
all
make
sense
as
long
as
you
guys
are
okay
with
the
overhead,
even
for
small
issues,
breaking
it
down
into
multiple
issues.
I
know
when
we
first
tried
this.
There
was
some
feedback
in
retro
around
now
the
conversation
gets
dispersed
across
multiple
issues
right,
so
you
have
to
keep
an
eye
on
a
lot
of
different
comments,
and
you
know
issue
threads
to
make
sure
on
top
of
things
we've
been
talking.
You
know
the
the
PM's
idioms
around
ways
to
use
epics
better,
which
might
help
solve
this.
A
D
Okay,
what
it
was
actually
gonna
ask
should
not
necessarily
promoting
this
one
but
put
a
container
epic
around.
This
I
know
that
that
was
one
of
the
things
we
talked
about
doing
so
that
it
was
this
particular
issue
and
then,
whatever
implementation
issues
that
we
want,
so
we
can
close
everything
out
all
at
once.
I
guess
it's
more
of
a
question
for
the
for
you
in
the
group.
Okay,
that's
a
good
idea
before
I
make
it
question
mark.
A
Hearing
Sebastian
Alexander's
feedback,
I'm
gonna,
encourage
this
I.
Think
it'd
be
a
good
way
to
illustrate
what
we've
been
talking
about
with
Iago
and
Sam
and
weighing
around
using
epics
and
design
issues
and
whatnot.
We
might
not
have
a
design
issue
per
se
on
this
one
and
we
might
be
stepping
into
it
a
little
bit
late
in
the
work
flow,
but
better
now
than
ever.
C
Let's,
let's
save
this
for
retro,
actually
I
think
this
is
going
into
a
more
retro.
A
Let's
just
keep
moving
on,
I
might
still
have
meant
to
do
this,
we'll
take
it
offline,
I,
don't
think
it's
gonna
really
affect
you
know
how
you
guys
pick
up
work
and
move
things
it
just
if
we
end
up
having
three
different
issues
around
this.
It
just
has
a
apparent
that
they
all
roll
up
to
that.
We
can
look
at
so
we
have
one
more
item
on
the
list,
but
I,
admittedly
added
it
in
the
middle
of
the
day
yesterday.
A
So
if
I
know
Alexander
is
you
know,
on
top
of
things
and
he's
already
had
a
chance
to
look
at
and
that
some
questions
I,
don't
know?
If
anyone
else
has,
we
can
take
a
look
at
it
and
just
start
asking
some
questions
just
to
get
comfortable
with
it.
I
just
thought
for
the
first
time
yesterday
and
had
a
bunch
of
questions
so
Alexander
do
you
want
to
do
me
to
scroll
down
or
you
want
to
just
say
your
question.
A
D
H
B
H
B
F
A
A
You're,
not
the
only
one
John
I,
don't
think
most
of
us
have
looked
at
this
yet
so
take
a
look
at
this.
This
is
currently
slated
for
13.3.
So
we
have
plenty
of
time
I
just
to
bring
into
everyone's
attention
we'll
bring
it
up.
I'll
just
push
it
to
next
week
and
we
are
at
the
end
of
our
half
hour
anyways.
So
does
anyone
else
have
any
topics
or
questions
or
funny
jokes
I.