►
From YouTube: Threat Insights - Weekly Group Discussion 2020-04-021
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
I
record
locally
and
then
upload
manually,
what
is
not
as
efficient,
so
yeah,
so
Matt
couldn't
make
it
today
because
he's
at
a
client
advisory
board,
meeting
I'm
the
so
you
know,
I
posted
in
slack
I
post
in
the
meeting
I'm,
just
gonna
read
read
what
Matt
said
attending
it's
really
key
is
that
he
met
yesterday
with
the
customer
that
that's
behind
the
hard
part
for
standalone
vulnerabilities
and
project
level.
B
Exports
in
1210
they're
very
pleased
and
excited
by
all
the
progress
and
understand
the
challenges
we
encounter
going
getting
into
this
release
and
when
say,
Senna's,
the
sales
team
is
said.
The
same
thing
he
can't
say
thank
you
enough
to
the
team
for
being
above
going
above
and
beyond
the
effort.
It
certainly
is
not
and
should
not
be
our
normal
mode
of
operating.
So
I
wanted
to
share
that.
The
extraordinary
efforts
were
very
notice
and
deeply
appreciate
by
the
customer,
the
sales
organization
and
beyond.
B
Not
only
is
this
kind
of
long
way
to
rebuild
the
customers,
trust
and
gait
lab
as
a
whole,
but,
more
importantly,
realizes
the
long-standing
gold-making
stand-alone
vulnerabilities
reality,
and
this
was
the
team
that
finally
made
it
happen.
You
know
gitlab
summit
get
labs
started
on
this
or
sort
of
thing
about
this.
A
year
and
a
half
ago
long
before
any
of
us
at
the
company
were
at
the
company,
you
know
I
think
May
Phillippe
was
here,
I,
don't
know
if
you
were
involved
with
that,
then.
B
This
is
the
the
vulnerability
dismissal
state
migration
which
is
needed
before
going
live,
Matt
and
Lindsay
and
I
discussed
it
and
also
you
know
some
sales
team
is
if
we
had
gone
live
without
that
customers
that
had
previously
manually
clicked
on
hundreds
to
thousands
of
vulnerability
saying
this
is
not
an
issue
for
me
would
have
lost
that
state
and
what
about
to
redo
that
analysis
and
work,
and
that
was
unacceptable,
which
which
we
all
agree
with.
So
that's
in
flight
right
now
we
cut
the
scope
of
it.
It
was
initially
bigger
than
that.
B
C
C
B
D
B
Think
we're
gonna
know
that
until
next
week
is
they
even
if
we
had
it
ready
today,
I
think
they
said
that
they
wouldn't
have
the
engineers
on
their
side
ready
to
run
it
maybe
sit
there
self
hosted
and
they
run
it.
They
have
their
own
staging
environment
and
they
don't
have.
They
wouldn't
have
the
engineers
available,
even
if
we
were
ready
this
week
to
to
install
or
not
release
or
even
or
even
twelve
ten.
B
C
The
13
dunno
stuff
is
mostly
populated
by
myself
and
Matt.
So
as
everybody's
aware
and
13
dodo,
we're
not
gonna
be
doing
a
lot
of
new
feature
development.
We're
gonna,
get
an
opportunity
to
burn
down
debt
and
things
that
we
kind
of
cut
corners
on
to
try
and
make
the
12:10
deadline.
There
is
one
exception
which
is
around
introducing
the
instance
level
of
vulnerability,
export
or
sorry
introducing
the
vulnerability
export
to
the
instance
level
dashboard.
So
we've
already
got
that
groom.
Then
it's
assigned
with
the
exception
of
that
issue.
C
I,
have
this
I'm
going
to
have
not
assigning
issues
to
people.
So
I've
put
this
in
the
psych
channel.
It's
here
as
well
we're
gonna
move
to
a
more
Kanban
style,
especially
what
we're
working
through
debt.
You
know,
there's
an
area
if
you
think
something
is
miss
prioritized
and
you
think
there
is
a
follow-up
or
a
debt
issue,
that's
further
down
the
list
than
it
should
be.
I
trust
you
to
reprioritize
debt.
C
What
I
don't
want
anyone
to
it's
a
reaper
type
reprioritize
that
one
feature
issue
that
is
our
deliverable
format,
he's
put
that
on
the
release.
Video
at
this
point
there
might
be
a
little
bit
more
work
sitting
there
and
they're
ready
for
development
column.
Then
we're
able
to
complete
and
13
dotto,
but
we
will
work
to
distribute
that
into
future
iterations
as
well.
E
C
So,
thank
you
so
much
and
Alexander
for
sharing
the
demos.
You
know
both
our
you
know,
complete
deliverables
siwash
showed
that
sorry
I
was
mistaking
that,
for
the
expert
socialist
showed
the
unconfigured
state,
the
instant
symbol,
dashboard
and
Alexander
has
a
video
here
for
the
entire
end-to-end
of
the
standalone
vulnerability
flow
I
think
we
looked
at
it
a
little
bit
together
yesterday,
there
might
be
a
few
questions
around
the
standalone
page
right
Alexander.
C
There
was
something
or
maybe
we
were
just
identifying
things
that
had
gotten
deferred
for
if
you
change
the
state,
you
need
to
refresh
the
page
currently
to
see
some
of
that
history,
and
we
do
have
issues
representing
that.
So
it
brings
up
a
good
point
if
you're
looking
through
that
demo
and
you
see
any
unexpected,
behavior,
try
and
reproduce
it
if
you
can
create
a
bit,
create
an
issue
for
it,
so
we're
making
sure
that
we're
tracking
anything.
E
C
Everything
should
be
including
alexander's
issues
that
he
created
should
be
sitting
in
the
ready
for
dev
for
13.0.
At
this
point,
like
I
said
it's
there's,
probably
more
than
we
can
complete
there
in
iteration,
so
I
just
put
all
of
the
debt
there.
At
this
point
there
might
be
a
few
things
that
we've
decided
no
they're
just
not
needed
right
now,
so
they
don't
move
forward
to
an
iteration
but
check
their
first.
B
B
C
Phone
everyone
correct
me:
if
I'm
wrong
planning
breakdown
is
really
helping
p.m.
break
down
their
features
into
smaller
issues,
as
you
guys
have
created
your
technical
debt
issues,
most
of
them
are
very
small.
You
put
sizes
on
them.
For
me
weights,
most
of
them
are
1
2,
3,
anything
that
I've
seen
it's
gotten
bigger
than
that
we've
had
discussions
around
breaking
them
down.
Has
anyone
seen
a
need
to
do
planning
breakdown
for
the
13.0
debt
items
versus
starting
to
you
know?
C
See
now
Alexander
shake
his
head.
A
little
bit
of
yellows
got
to
shake
your
head.
If
anyone
has
a
particular
debt
issue
that
is
in
13.0
that
they
want
to
work
with
the
team
to
make
it
smaller
or
find
a
way
to
make
it
a
smaller
size.
You
know
this
is
a
good
opportunity
to
bring
that
up.
I
didn't
personally
see
any
going
through
the
list.
Oh
you
guys
have
done
an
excellent
job
of
creating
well
scoped
issues.
F
C
C
Feature
with
you
know,
I
think
you're
aware
we
had
a
few
items
on
the
security
dashboard,
where
we've
that
we've
got
some
reports
that
are
still
back
by
findings.
I
tried
to
prioritize
those
higher
because
they
have
a
customer
impact,
so
they
are
its
prioritized
to
my
best,
my
belief.
What's
the
most
important
I've
had
in
that,
take
a
look
at
it
as
well,
but
I
think
you
folks
have
the
better
handle
on
what
should
maybe
be
moved
around.
C
B
G
To
find
the
unmute
button
yeah,
so
this
has
to
do
with
the
standalone
vulnerabilities
documentation,
so
we
went
ahead
and
merged
the
the
documentation
for
standalone
vulnerabilities,
so
it
is
live
on
the
website.
The
links
for
what
we
merged
I've
put
in
the
dock.
So
my
question
is:
should
we
pull
those?
G
Should
we
add
a
note,
because
it
right
now
it
says,
introduce
and
get
lab
1210?
We
could
change
it
to
introduce
in
13.0
or
put
a
warning
saying.
This
is
behind
a
feature
flag
that
is
disabled,
axel
I,
asked
axel
and
he
didn't
know
so.
He's
got
a
question
out
to
the
on
the
docs
team
slack
about
what
we
do
in
such
situations,
but
I
just
wanted
to
one
kind
of
bring
this
to
the
forefront
and
to
see
what
you
all
thought
just.
C
To
add
it's
not
just
the
standalone
vulnerabilities
documentation.
Someone
else
put
the
link
in
here.
It
is
the
export
report
as
well.
It's
not
gonna
be
live
in
1210.
So,
okay,
does
anyone
know
what
standard
practice
here
is
I
mean?
Is
it
possible
to
say,
introduced
and
get
level
two
meant
and
$13,
and
so
leave
it
up
here
or
would
we
be
better
served
to
pull
it
down.
C
B
Coming
yes,
the
documentation
is
here's
a
little
earlier
and
what
we
were
expecting
well,
then,
won't
it
sits
there
earlier
in
a
perfect
world
server
there
that
it
should
be.
How
much
of
that
is
gonna,
be
an
issue.
I
mean
it's
a
preview
for
customers
for
the
new
stuff,
the
old
stuff.
Yes,
a
new
user
or
an
existing
user
who
doesn't
know
the
old
stuff
you
know,
will
click
on
and
say:
wait
this
doesn't
match
what
I
see,
which
is
not
great,
but
I
don't
know
what's
norm.
B
What
is
normal
for
gitlab
to
do
in
these
situations,
but
it
seems
like
a
reasonable
situation,
we're
in
ugly
improving
it.
Maybe
in
hindsight
we
should
have
kept
both
sets
out
there
and
said
this
is
old,
and
this
is
new.
You
know
hindsight,
being
20/20,
not
remove
the
old,
just
added
the
new
and
said
you
know
this
is
this:
is
the
older
the
newer
is
coming
but
I?
Don't
I,
don't
think
it's
a
big
deal,
but
what's
normal
forget
labs,
anybody
knows
and
then
separately
from
that
one.
What
do
people
expect
yeah.
G
I'll
try
to
figure
out
from
the
rest
of
the
docs
team.
What's
typical,
but
I
mean
we
do.
It
is
common
that
will
merge
stuff
before
release
and
say
introduced
in
whatever
that
upcoming
release
is
so
you
know
there.
There
is
a
period
of
time
where
you
were
ahead
of
the
game
as
far
as
that's
concerned,
so
yeah
I,
don't
think
that
is
too
big
of
a
deal
I,
so
I
could
just
change
it
to
introduce
tunes.
H
G
E
Going
off
of
what
Wayne
said
about
having
like
cue
versions
up,
what
is
does
get
lab
normally
do
that
for,
like
hat,
if
something's
changing
radically
like
you,
have
the
old
version
of
the
docs
and
then
saying
new
in
we're,
starting
in
this
new
milestone.
Things
gonna
be
like
that,
because
it
assumes
some
self-hosted
people
do
not
keep
up
the
date
with
the
latest
code,
and
so
it
might
be.
G
H
A
A
And
it
was
introduced
in
the
past
because
we
had
this
kind
of
issue
where
the
documentation
was
merged
before
actually
seeing
the
feature,
because
it
was
not
deployed
on
the
club.com.
You
know
before
I
guess,
maybe
nine
months
from
now
we
were
pushing
to
get
that
that
come
only
once
a
month,
but
that
the
commutation
was
a
dated
by
the
way.
So
you
could
see
that
kind
of
case
where
the
documentation
is
there
for
feature.
That
is
not
going
to
be
there
until
the
22nd
of
the
next
month.
Right
it's
different
now,
but
could
happen.
C
C
C
E
Am
working
on
the
issue
right
now
of
removing
the
vulnerability
list
from
the
side
panel
so
that,
because
it's
the
same
thing
as
security
dashboard,
a
few
things
and
so
I,
a
part
of
that
ticket
is
to
update
documentation
to
removed
I,
would
assumed
any
references
of
long
ability
lists
as
like
a
side
panel
option
cool.
If
everybody's
cool
with
that
perfect.
E
A
C
B
What
I
would
say
is
not
only
you're
encouraged
to
not
come
if
you're
in
Europe
and
it's
it's
outside
your
business
hours.
You
know
read
the
document
put
in
your
questions
beforehand.
Look
at
it
afterwards
look
at
the
video,
but
we
want
that.
You
know
we
want
a
good
work-life
balance.
That's
why
we're
alternating
the
meeting
come.