►
From YouTube: Defend: Threat Management Weekly Group Discussion
Description
Weekly meeting for the Defend:Threat Management group
A
Welcome
to
our
threat,
insights,
I
think
I
need
to
be
careful
about
what
I
call
our
group
names
because
currently
threat
management
is
when
I
have
on
everything.
It
will
be
updated
to
threat
insights
relatively
soon.
I
think
I'll
wait
for
the
handbook
change
to
be
made
this
time
before
I
make
that
update
our
weekly
group
discussion
in
the
past.
This
has
been
primarily
focused
on
planning
breakdown,
but
in
order
to
consolidate
the
Monday
morning,
demo
meeting
and
any
other
synchronous
group
wide
conversations
we
want
to
have
in
the
area
of
threat
management.
A
We've
tried
to
move
it
all
into
this
meeting,
so
the
agenda
has
been
updated
to
reflect
that
I'm
gonna
jump
right
in
so
there's.
Looking
at
previous
discussions,
there
has
been
some
ongoing
discussions
over
the
course
of
the
last
week
that
I
wanted
to
mention
with
sam
beckham
matt
wilson,
avi
l
from
the
secure
team
and
myself
around
the
front
end
integration
of
the
first-class
vulnerabilities
into
the
security
dashboard.
Since
a
BL
is
not
here,
I
don't
think
I'm
gonna
spend
too
much
time
getting
into
those.
Thank
you
for
joining
sam.
A
There
they're
just
a
big
highlight
there,
is
that
obvi
l
is
still
contributing
to
backend
work
in
the
security
dashboards,
which
is
great.
It
has
brought
up
the
question
of
whether
we're
moving
a
lot
of
our
changes
into
graph
QL
and
we're
still
discussing
that.
I
think
the
direction
that
we're
hoping
to
take
is
to
introduce
graph
QL
in
the
security
dashboards,
but
leave
the
stand
alone,
vulnerability
page
as
it
is
today.
A
This
will
help
because
we
don't
have
a
lot
of
graph
QL
experience
on
the
front,
end
defend
team
and
that
work
is
already
done.
We
don't
want
to
delay
this
MVC
some
more,
but
in
general,
that's
the
direction
that
all
of
get
lab
is
front
and
front
and
is
going
so
we'll
want
to
create
an
issue
to
retrofit
that
standalone
page
to
use
that
technology.
There's
some
outstanding
questions,
or
rather
on
whether
whether
any
of
the
remaining
work
for
that
standalone
vulnerability,
page
needs
to
be
done
in
graph,
QL
or
not.
I.
A
A
B
A
For
the
sake
of
time,
I'm
not
gonna
share
this
on
the
call
today,
I'm
encouraging
people
to
watch
it
asynchronously
provide
any
feedback,
whether
it's
directly
to
Sam
or
here
in
the
document.
I,
don't
know
if
there's
an
issue
or
an
mr
Sam.
If
you
have
an
mr
that
you
want
to
link
to
here
for
any
questions,
I
think
that
would
probably
be
the
best
place
for
that.
A
But
in
general
I
love
this
approach,
I
think
that
if
we
can
have
demos
recorded
and
shared
asynchronously
before
the
call,
we
can
use
a
few
minutes
of
this
meeting
for
any
highlights
or
questions.
Any
discussion
that
comes
out
of
the
demo
I
think
it's
a
better
use
of
our
time
than
watching
them
together
on
a
call.
So
that
brings
us
down
to
the
planning
breakdown.
I
am
going
to
share
my
screen,
which
I
didn't
realize.
I
wasn't
doing
that
before
sorry.
A
C
Okay
cool,
so
this
one
came
yeah
trying
to
read
through
this
one
but
yeah
so
I
think
on
this
one.
It
is
going
to
help
clarify
right
now.
Everything
is
assumed
in
the
master
branch
or
the
default
branch,
and
so
it
looks
like
if
things
are
piles
are
removed.
It's
going
wrong
line.
I
was
trying
to
scan
through
the
comments
and
this
one
it
actually
Russ.
If
you
remember
this,
one
looks
like
you:
wouldn't
Philippe
were
going
back
and
forth
a
few
weeks
ago
on
this
I.
D
Don't
know
about
going
back
and
forth,
but
Philippe
provided
great
insides
and
I
agreed
with
them.
I
I.
Think
I
think
my
like
my
last
comment
on
here.
If
you
want
to
scroll
to
that
is
kind
of
a
good
place
to
go
through
good,
go
from
yeah,
yeah
and
I
have
like
three
three
things
we
can
do
and
that
the
two
are
easier
and
and
what
Philippe
was
pointing
out
is
that
if,
if
you
dismiss
it
or
if
you
create
an
issue
when
it's
in
a
feature
branch,
we
don't
have
the
correct
permalink
for
it.
D
But
if,
if
you
create
an
issue
after
it's
online,
the
group
or
project
level
security
dashboard,
we
can
give
a
permalink
so
and
Dennis
from
the
security
team
like
the
way
they
use
it.
They
do
all
that
from
the
group
security
dashboard,
so
they
like
that
their
workflow,
they
absolutely
could
have
a
permalink
every
time
where
it
doesn't
work
like
that
necessarily
for
everyone.
D
And
I
guess
my
biggest
question
would
be
to
Andy
as
far
as
the
user
experience
like.
Is
that
gonna
be
good
or
bad,
or
what
do
you
thought
as
far
as
like
at
some
point?
Well
sometimes
we'll
say
hey:
this
is
a
permanent
link
to
this
file.
It's
gonna
be
here
forever
and
then,
but
if
they
had
to
create
the
issue
from.
D
A
E
Right
so,
basically,
when
you
have
a
finding
in
the
modulus,
the
program
is
the
location
of
defining
is
based
on
the
current
branch
and
the
cron
commits,
but
these
commits
and
that
branch
are
going
to
disappear
in
the
future.
So
once
the
branch
is
getting
merged
into
master,
if
you
squash
the
comitia
I'm
going
to
create
a
new
commit
and
the
previous
location
is
going
to
be
or
fall
for,
it
doesn't
exist
anymore.
E
So,
in
the
perfect
ideal
war
we
would
have
this
location
that
would
be
dynamic
so
that,
in
the
context
of
the
merge
request,
we
would
link
to
the
current
commit
where
we
found
actually
the
defining
and
once
the
merge
request
has
been
merged
into
master.
We
need
to
update
all
these
findings
for
different
abilities
location
so
that
they
will
point
to
the
new
location,
the
new
commit
into
master
so
that
we
have
a
permalink
and
it
needs
to
be
prominent
because
the
code
is
going
to
evolve
with
time.
D
I
one
further
like
complication
to
that,
is
like
we're
not
storing
that
permalink
as
a
like,
as
a
database
record,
we're
just
injecting
it
in
as
text
in
the
description
of
an
issue.
So
it's
not
as
easy
to
update
as
it
is.
It
could
be.
If,
if
we
wanted
to
go
that
route
of
making
it,
you
know
an
attribute
or
something.
A
All
right
not
to
confuse
planning
break
down
with
glue
mean
I
think
we
need
to
remember
what
the
goal
of
this
meeting
is
so
I'm
gonna
go
back
and
remind
everyone
about
the
questions
that
we're
trying
to
answer.
As
part
of
this
conversation,
I
think
Philippe
just
did
a
great
job
of
explaining
to
us
the
requirements.
Is
there
any
questions
around
the
intent
of
the
requests
and.
A
E
A
A
A
F
E
What
the
brain,
if
you
link
to
the
the
fighter,
18
master
and
that
five
disappear
for
some
reason
you
can
I'd
like
to
scroll
104,
you
need
that's
why
you
need
the
feminine.
You
need
the
exact
states
of
the
fight
at
that
exact
moment
where
we
found
the
platform
of
living
being
able
to
update
all
the
vulnerabilities
when
we
merge
something
I
don't
see,
which
is
honestly
and
I
understand.
That's
a
little
port,
probably.
G
A
A
A
F
Correct
yeah
cuz
I
mean
even
in
the
mr
experience,
isn't
great
because
the
these
are
stealing
with
the
feature
branch,
but
when
they
click
on
the
location
they
get
taken
to
like
a
dead
dead
file,
it
tells
him
where
and
what,
but
it
can't
do
anything
from
it,
especially
for
me
Amana
doesn't
make
sense.
They
should
be
able
to
at
least
they
could
change
from
there.
A
All
right
so
I'm
kind
of
at
a
loss
right
now,
I
know
that
Ross
we're
not
supposed
to
be
doling
out
more
work
to
you
at
this
point.
You
know
I,
don't
see
Jonathan
or
me.
How
here
I
think
that
this
is
gonna
require
some
more
conversation,
but
I
don't
want
to
spend
the
whole
half-hour
of
this
call
discussing
it.
So
absolutely
that's
very
I'm
gonna.
Take
a
note
that
I,
don't
I,
don't
know
the
right
way
to
proceed
here.
A
I
think
we
need
to
find
a
right
asynchronous
way
forward
and
not
necessarily
be
dependent
on
another
call,
I'm,
not
sure
what
that
is
right
now
so
I'm
open
to
suggestions,
otherwise
we're
gonna,
we're
gonna
hop
down
to
the
next
ticket
and
or
the
next
issue,
and
either
put
this
back
on
the
agenda
for
next
week
or
I'm
forced
to
set
up
another
synchronous
call
specifically
on
this
issue.
I
think.
G
That
we
can
just
assign
a
DRI
that
someone
within
the
team
so
I
know
they
aren't
here.
But
if
we
can
give
that
to
Jonathan-
and
we
need
an
answer
before
the
end
of
the
week
on
this
or
before
next
week
and
he's
as
the
DRI
you're
willing
to
pull
in
anyone
needed
to
so
just
think
people
in
the
issue.
And
if
we
still
don't
have
an
answer
in
a
week,
then
we
can
restart
the
process.
A
All
right
moving
forward,
so
that
was
the
first
one
hi
AVI.
Oh
thank
you
for
joining
us.
We've
kind
of
moved
on
from
the
the
graph
QL
security
dashboard
integration
discussion
to
get
through
some
of
our
planning
breakdown,
so
I
was
gonna,
set
up
some
time
with
you
and
Sam,
and
maybe
another
front-end
developer
for
tomorrow,
and
we
can
sync
up
and
slack
after
this.
So
that's
okay!
Thanks
for
joining,
though
yeah.
A
So
next
issue
on
the
list
for
planning
breakdown
dismiss
finding
the
turn
into
dismissed
vulnerabilities.
A
This
was
created
by
me
house
by
Ross
couple
weeks
ago,
and
it
is
assigned
to
me
how
already
so
I'm
not
sure
if
he's
already
been
grooming,
this,
let's
see
and
Wayne,
is
unfortunately
not
here,
and
neither
is
me
some,
like
they've,
had
a
discussion
about
this
one.
It
seemed
like
a
pretty
straightforward
issue
to
me,
so,
let's
just
make
sure
from
everyone
else.
In
the
group's
perspective,
I
hope
you've
had
a
chance
to
review
this
in
advance,
and
you
understand
the
intent
of
this
request.
A
A
solution
validation
complete,
so
it
sounds
like
there's
some
discussion,
they're,
both
Wayne
or
me.
How
I
wanted
to
have
on
this?
But
since
they're
not
here,
does
anyone
have
any
any
questions
or
anything
that
we
want
to
have
on
the
recording
for
when
they
watch
this
additional
topics
that
came
up?
While
you
were
reviewing
this
in
advance
prior
to
this
meeting
and
thinking
about
it.
D
D
D
D
My
question
is
is
about
timing
because,
like
if
I
get
that
done
this
this
release
and
we
that
migration
goes
out
and
everything's
up
to
date.
But
then
we
don't
have
this
code
in
there
yet
and
more
vulnerabilities
are
created,
have
been
dismissed
and
then
are
created.
They
will
be
in
the
detected
State
as
well
and
will
need
to
be
updated
again
so
to
make
sure
that
everything
is
is
moved
to
dismissed
appropriately
and
we
don't.
We
don't
miss
anything.
We'll
need
to
run
that
part
of
the
migration.
D
D
And
this
I
mean
if
we,
if
so,
we
don't
need
to
run
this
migration-
that
I'm
working
on
until
we're
ready
to
remove
the
feature
flag
for
everybody.
So
the
question
is:
would
it
make
sense
to
wait
on
Miami
migration
until
we
have
this
in
place,
or
should
we
just
do
the
dismissal
migration
part
twice?
That's.
A
D
D
A
D
A
A
I'll,
be
the
final
word,
then,
all
right,
so
we
might
revisit
that
les
issue
based
on
any
questions
that
Wayne
Army
had.
But
let's
keep
going.
We've
got
one
more
issue
and
then
a
couple
of
defects
and
for
the
sake
of
time,
we've
got
seven
more
minutes,
hey
Matt.
How
would
you
feel
about
jumping
down
to
that
high
severity
issue
just
to
make
sure
we
get
it
covered
today,
because
it
is
a
p1s
one,
yeah.
A
E
So
like
they,
they
did
that
because
from
the
dashboard
one
you
want
to
create
an
issue
from
a
finding.
It's
not
working.
It
basically
does
nothing
and
I'll
report
on
the
alter,
a
user,
and
if
you
investigate
the
backend
respond,
you
have
response
not
respond.
Sorry
I
need
to
change
that
project
in
the
frame
we
can
print
can
be
blank,
and
it's
not
the
case
for
all
the
findings.
E
Actually,
it
seems
to
be
only
for
Hugh
container
scanning
dozen
different
scanning,
but
SAS
is
a
funky
working,
so
I
suspect
something
with
the
common
format
that
would
be
added
somewhere,
but
not
seeing
all
the
places
like
in
the
past
or
something
of
that
the
poem
is.
It
prevents
the
users
from
creating
issues
from
the
findings.
So
that's
that's
a
regression
and
that's
it.
E
F
E
A
All
right,
so
it
sounds
like
this
is
gonna
need
some
triage,
since
this
is
production
and
a
high
priority,
I
think
that
it
will
require.
You
know
somebody
to
context
shifts
today
or
soon
just
to
ensure
that
the
priorities
set
correctly
and
that
if
it
is
and
truly
a
few,
this
one
that
we're
addressing
it,
you
know
as
soon
as
possible.
So
this
is
a
back
condition.
We
don't
have
any
beckoned
developers
on
the
call
I
believe
I
could
be
totally
wrong.
So
is
there
any
volunteers,
first
of
all
to
look
into
this
further.
A
A
A
B
A
A
F
A
A
You
can
already
tell
us
that
it's
not
that
so
it
sounds
like
we
need
a
back-end
developer,
probably
but
we're
gonna
we're
gonna
take
this
offline
and
we
need
to
discuss
it
in
the
defend
channel
we
can,
but
I
don't
want
to
go
over.
So
thank
you,
everybody
for
your
time.
I'll
share
the
recording
of
this
invite,
both
in
the
slack
Channel
and
on
the
agenda
and
I'll
talk
to
some
of
you
all
in
the
immediate
next
meeting.
We
should
really
have
these
in
the
same.
Zoom
call
sorry.