►
From YouTube: Threat Management Staff Meeting Aug 12, 2020
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
So
we
haven't
done
our
threat
management
staff
meeting
in
a
while,
but
I'm
glad
we're
doing
it
today
and
lindsay
you've
got
the
first
couple
items.
B
I
do
so
and
I'm
actually
wrong.
I'm
gonna
update
it
as
I
type
it's
actually
our
fourth
community
contributor.
There
was
one
that
slipped
through
and
I
think
someone
from
the
secure
team
helped,
but
we
did
get
another
community
contributor,
mr
merged
last
month,
so
alexander
assisted
with
that-
and
I
know
everyone's
probably
aware
that
thiago
is
scheduling,
office
hours
to
try
and
encourage
more
community
contributions.
B
You
know
encourage
everyone
to
share
it
on
their
social
media
and
their
friends,
and
that
was
that
one
I
actually
put
these
up
as
announcements.
So
I
shouldn't
go
to
that.
I
should
just
go
straight
to
the
agenda,
so
you
guys
can
read
those
top
ones
and
I'm
going
to
jump
right
down
to
the
agenda.
My
bad-
and
I
think
this
is
new
to
this
format.
You.
B
Zendesk
access
this
came
up
through
some
production
defects
or
production
reports
that
we've
had
recently,
and
it
was
been
kind
of
a
struggle
to
get
all
of
the
information
from
the
customer
reported
ticket.
It
is
very
easy
to
sign
up
for
read-only
access
to
zendesk
I've
already
gone
through
it.
I'm
encouraging
everyone
else
to
do
it
so
that
you
can
reference.
You
know
directly
what
the
customer
says
there.
You
won't
be
able
to
ask
them
questions
there,
though
you'll
still
need
to
go
through
a
support
representative
to
do
that
so
team
retrospective.
B
So
keeping
that,
as
is
we
did,
I
did
want
to
share
what
the
retrospective
action
item
is
for
13.2.
I
think.
Historically,
we
haven't
done
a
great
job
of
making
sure
that
the
team
is
aware
of
this.
I'll
also
make
sure
we
put
it
into
the
slack,
but
as
a
result
of
some
of
the
feedback
that
we
got
in
the
132
retrospective,
we're
focusing
on
this
item
of
finding
proposals
to
improve
the
code
review
process.
B
So
as
a
group,
if
we
can
gather
together
at
least
one
solid
proposal,
we're
not
saying
it
has
to
be
merged
or
anything
for
ways
to
address
some
of
the
frustrations
that
people
have
expressed
in
the
last
couple
of
retrospectives,
and
I
get
that
that's
a
little
bit
of
a
cop-out
because
we
don't
know
what
those
improvements
are
right
now
we
just
know
that
there's
frustrations.
B
So
you
know
we
encourage
everyone
to
submit
proposals,
but
as
a
group,
let's
just
make
it
a
goal
to
at
least
have
one
I'm
just
going
to
keep
talking
planning
breakdown
before
I
do
that,
damir,
jonathan,
arthur
or
anything
questions,
feedback,
thoughts.
B
Okay,
planning
breakdown-
I
think
I
had
we've
already
talked
about
this.
This
is
just
a
reminder.
It
should
probably
go
up
in
the
announcements.
Just
remember
you
know,
going
into
planning
breakdown.
Take
a
look
at
the
issues
in
advance
as
a
way
to
sort
of
a
forcing
function
or
a
holding
accountability.
B
We've
asked
people
to
indicate
that
they've
taken
a
look
at
things
in
advance
by
putting
an
emoji
a
carrot,
emoji
specifically
because
we
thought
I
wouldn't
get
confused
with
other
things,
but
this
is
also
to
encourage
you
to
ask
your
questions
in
the
issue.
You
know
well,
it's
good
to
have
discussion
in
our
planning
breakdown
meetings
and
our
group
meetings
it's
better
to
have
it
in
the
artifact,
so
that
people
can
reference
it.
A
Good
stuff,
so
q3,
okrs
and
q2
up
here
so
q2
just
ended.
I'm
gonna
click
on
the
q2a,
okay
r1
so
which
were
in
the
notes,
not
not
sure
screen.
So
we
did
really
well
in
q2.
We
didn't
achieve
everything
100
we
were
expecting
to,
but
we
did
quite
a
few
and
that's
actually
kind
of
the
point
of
okr's.
This
should
be
somewhat
aspirational
so
really
quickly.
A
The
team
completed
iteration
training
100.
We
improved
the
code
review
process.
We
put
in
a
couple,
mrs,
to
improve
the
code
review
process.
We
started
the
process
and
had
a
database
maintainer
on
the
threat
management
team.
We
delivered
all
planning
priorities
on
time.
We
actually
didn't
have
any
that's
because
not
because
they
there
shouldn't
be
any
but
because
product
nation
didn't
have
any
force,
so
we're
gonna,
stop
tracking
that
one.
That's
been
historically,
not
a
good
metric
for
us,
but
I
think
it's
for
other
teams
and
so
on
the
other
ones.
A
We
got
our
team
mre
to.
We
wanted
to
get
it
to
greater
than
equal
to
10
and
we
got
it
to
seven
and
7.4,
which
is
really
good,
because
we
started
out
much
lower
than
that,
and
you
know
we're
breaking
things
up
further
into
smaller
pieces,
we're
trying
to
get
a
better
mix
of
big
things
and
smaller
things,
which
is
good,
so
that's
definitely
gone
in
the
right
direction.
We
also
noticed
the
way
this
was
tracked.
A
It
was
a
team
rate
when
we
looked
at
how
we
are
compared
to
other
teams
just
to
do
a
comparison
and
other
team.
The
way
the
metric
was
computed
is
for
all
teams.
It
was
work
done
by
git,
lab
team
members
and
by
the
community,
and
we
have
currently
very
few
community
contributions
that
actually
made
the
number
higher
for
other
teams
than
us.
A
This
quarter
we're
actually
splitting
those
out
community
contributions
from
git
lab
team
member
contributions
and
when
you
compare
it
that
way
us
to
other
teams,
just
just
to
see
like
where
we
are
compared
to
others,
we're
actually
others
are
a
little
bit
higher
than
us.
I
think
they're
at
eight
or
like
a
little
bit
more
like
so
we're.
A
B
And
to
add,
it's
also
been
brought
to
our
attention
and
I
think
some
folks
are
aware
and
some
weren't-
the
managers
count
as
part
of
that
team
size,
so
both
so
so
wayne
thiago
and
myself
are
all
part
of
that
mra
and
we're
going
to
make
sure
that
we're
pulling
a
bit
more
of
our
weight.
I
can't
promise
that
I'm
going
to
get
to
10
a
month,
but
it's
better
than
like
one,
so
I
think
that'll
help
as
well.
Yeah.
A
We
have
something
for
yeah
good
point
for
q3.
On
that,
the
other
two
we
work
to
dog
food,
all
the
threat
management
features
and
we
got
it
was
very
successful,
but
we
didn't
we
didn't
do
it
for
everything
completely.
What
was
really
successful
is
for
the
we
got.
It
live
on
one
thing:
the
the
threat
management
stuff
that
our
friend
inside
stuff.
You
know
that
lindsey
and
jonathan
and
others
work
on
and
got
great
feedback
on
it.
A
We
also
tried
the
dog
food,
all
the
defend
features
inside
git
lab,
and
one
of
them
is
being
used,
the
others
we
learned
quite
a
bit
about
them,
which
was
great
that
that's
the
point
of
dog
food.
So
it's
not.
Some
of
them
are
not
ready
yet
and
we're
not
surprised,
but
we
learned
quite
a
bit
and,
lastly,
implementing
north
star
metrics.
We're
calling
that
one
for
all
the
all
threat
management
features
we're
calling
that
about
75
complete
it's
in
good
shape.
We've
got
all
the
different
things
tracked.
A
We
got
work
in
not
everything's
working
the
way
we
expected
with
collecting
all
the
metrics
we
want,
but
we
got
most
of
them
in
there,
which
is
great.
So
you
know
if
we
got
100
on
everything,
I'd
say
we
we
would
have
sandbagged
our
goals
right.
You
want
to
reach
a
little
bit
more,
so
I
think
this
is
a.
I
think
we
did
a
great
job,
any
any
questions
or
comments.
John
finner,
samantha
or
winston.
C
I
just
want
to
say
that
sometimes
we
have
some,
let's
say,
demos
and
research
tasks
that
that
they
are
going
to
lower
the
mr8
naturally,
but
that
that's
something
that
in
the
future,
especially
if
you
have
like
more
people,
then
that's
going
to
get
diluted.
A
Yeah
absolutely
vacation
time
working
on
spike
work
like
researching
new
technologies.
Sometimes
somebody
will
work
on
something
for
three
weeks,
because
it's
really
really
complex
and
hard
and
you
can't
break
it
up
further.
That's
gonna
happen,
and
sometimes
somebody
will
find
you
know
14
little
bugs
to
fix
that
I'll
end
up
being
separate,
mrs,
and
be
able
to
fix
them
in
two
weeks
right.
You
know
it'll,
it
should
all
average
out
in
the
end.
A
So
in
terms
of
so
q3
just
started,
let
me
click
on
the
link
for
q3
here
we're
going
to
have
the
dris.
Do
it,
but
tiago
couldn't
make
it
today,
so
we've
got
kind
of
some
similar
things
one
and
for
once,
lindsay
that
are
yours
I'll.
Let
you
cover
and
then
for
mine
and
thiago's
I'll,
just
quickly
discuss
them,
so
we're
doing
more
dog
fooding.
This
one
actually
goes
all
the
way
up
to
christopher
and
eric
my
boss
and
my
boss's
boss.
A
This
is
around
the
secure
features
for
secure
and
defend.
So
that
means
all
the
different
security
scanners
and
the
and
the
dashboards
and
basically
standalone
vulnerabilities,
yay
and
approvals.
Turning
on
security
approvals,
so
some
of
our
code
is
in
the
the
the
primary
gitlab
product
that
is
not
in
scope,
so
most
of
thread,
insights,
standalone
vulnerabilities
are
not
going
to
be
in
scope
for
this.
They
are
going
to
be
eventually,
but
if
we
turn
that
on
for
that,
it
would
turn
it
on
for
the
entire
product.
We're
not
ready
for
that.
A
So
it's
things
that
are
separate
like
a
lot
of
the
secure
scanners
are
separate
projects.
So
the
scanners
themselves
are
going
to
be
scanned
and
the
defend
features
we
want
to
make
sure
we're
scanning
them.
Thiago
and
I
have
not
gotten
started
on
this
todd's
team
has
and
which
is
great
because
we're
going
to
follow
their
lead
a
little
bit
on
based
on
what
they
find.
But
I'm
gonna
get
a
good
good
start
to
that
and
then
lindsay.
You
have
the
next
one.
B
So
one
of
the
efforts
is
around
making
sure
that
the
new
features
that
we
develop
use
those
components
and
the
second
is
around
specifically
the
haml
part
of
that
migration.
There's
another
effort
specific
to
the
view
migration
to
pajamas,
which
I
think
will
enable
one
of
the
later
krs
around.
You
know
some
low
hanging
for
people
like
for
for
people
like
me
for
managers,
you
know
easy
wins
that
we
just
described
earlier,
so
we
can
still
contribute
to
that,
but
we're
not
tracking
it
as
one
of
our
rkrs.
B
So
that's
that's
the
performance
improvement.
So
that's
getting
this
as
fast
as
github
by
using
faster
components,
and
you
know
lining
everything
across
from
a
user
experience.
It
also
has
the
benefit
of
aligning
everything
across
the
product.
B
So
I'll
keep
talking,
you
know
going
in
to
expand
the
capabilities,
the
subjective.
You
know
the
top
action
to
improve
our
throughput
metrics
is
around
raising
the
monthly
mra,
and
I
think
we've
already
talked
about
this,
so
both
thiago
and
I
will
be
dris
for
that
and
wayne
I'll.
Let
you
take
it
back
over.
A
Yeah
and
then
the
the
one
that
lindsay
lindsay
mentioned
earlier
is
you
know
the
people,
managers
or
readers
are
included
in
the
metrics,
so
we
want.
A
A
You
know,
keep
our
skills
sharp
and
be
contributing
directly
to
the
product
and
some
because
it
it's
part
of
the
overall
goal
that
everybody
contributes,
so
we're
going
to
be
working
on
lindsey
and
thiago,
and
I
doing
greater
than
equal
to
contributions
to
the
product
per
month,
each
which,
which
is
going
to
be
good
now
some
of
them
will
be
documentation,
changes
that
counts
handbook
changes,
do
not
documentation.
A
Changes
do
so
like
some
of
the
ones
that
lindsey
already
mentioned,
with
pajamas
that'll
count
and
hey
sam
and
some
of
the
ones
documentation
changes
that
I'm
planning
to
do.
I've
already
done
a
couple
and
some
animated
gifs
on
how
to
navigate
like
through
the
standalone
vulnerabilities
functionality,
for
example,
and
thiago,
is
planning
some
as
well.
A
You
know
I'll
cover
the
last
one
and
turn
it
back
over
to
lindsay.
So
last
one
is
holding
at
least
one
threat
management
community
office
hours
every
six
weeks.
So
this
is
where
we're
going
yeah
good
point:
you
painted
sam.
A
But
you
didn't
paint
them
green,
so
you
can
have
a
built-in
green
screen.
That
would
be
really
ugly
if
you
had
it
looks
nice
well,
thank
you.
So
we
want
to
get
more
community
contributions.
A
You
know,
as
lindsay
mitch
miller,
we
have
four
and
we've
got
our
fourth,
which
is
great
since
the
founding
of
the
team
and
talking
to
ray
pake
and
others
on
the
community
team.
This
is
a
good
way
to
do
it.
A
So
tiago
is
going
to
be
running
with
organizing
that,
where
we
just
invite
them
to
to
join
and
troubleshoot
things,
alexander's
already
been
doing
this
kind
of
informally
a
bit
and
those
have
been
actually
uploaded
to
youtube,
and
it's
been
great,
basically
walking
community
contributor
contributors
being
kind
of
a
coach
to
them
on
getting
their
changes
through
so
good
stuff
there
and
then
the
last
one
lindsey.
B
Yep
and
the
last
is
around
continuing
to
iterate
on
how
we
iterate,
so
everyone
knows
that
every
month
sid
holds
in
iteration
office
hours
or
you
can
bring
topics
that
he
will
either
things
that
you're
looking
forward
to
down
the
road
or
things
that
have
already
happened.
I've
definitely
seen
some
examples
of
like
how
could
we
have
done
this
better.
So
we
want
to
encourage
the
team
to
bring
at
least
two
items
a
month.
Wait
so
two
items
a
month.
A
Wait
no.
A
B
And,
of
course,
people
add
things
to
the
agenda,
who
can't
be
there
to
discuss
it,
there's
always
a
value
to
that,
and
if
somebody
has
an
idea
and
they're
not
able
to
attend,
you
know
please
reach
out
to
someone
in
the
team,
because
somebody
else
would
be
happy
to
go
and
speak
to
it,
and
my
experience
from
attending
have
all
been
pretty
positive.
I've
seen
some
really
good
ideas
come
out
of
it,
but
by
doing
this
we
think
we
can.
B
You
know
just
learn
more
from
sid
and
from
other
folks
within
the
company
and
continue
to
address
some
of
the
challenges
that
we've
had
with
breaking
things
down
or
not
breaking
things
down.
Based
on
what
the
question
is.
A
Yeah,
I
think
marin's
co-hosting
those
now
too
that's
great.
He
does
a
great
job
of
giving
advice
and
thoughts,
so
any
thoughts
or
questions
or
comments
on
the
q3.
Okay.
B
Last
agenda
item
is
just
a
reminder
and
I've
not
actually
seen
a
lot
of
action
around
this
from
this
team,
and
I
just
want
to
encourage
you
all
to
nominate
your
peers,
whether
it
be
peers
within
threat
management,
peers
of
insecure
other
parts
of
get
lab.
You
know
it's
not
just
managers
and
npms
that
give
the
discretionary
bonus
nominations
out.
So
you
know
please
think
about
times
when
people
have
gone
above
beyond
and
recognize
them.
A
All
right
thanks,
everybody
have
a
great
day
and
have
a
great
friends
and
family.
Today.