alt Hacker NewsI had a geniunely surreal conversation with the security team the past week, it went like:
'Hi, we are reaching out to you because our tool flagged a large data transfer between such and such services'
'Wait, the source endpoint is an internal service, the target endpoint is an internal S3 bucket (I was doing a routine DB backup) Neither are reachable from the internet. How is it a security issue?'
'Our tool has flagged it'
Almost all the corporate security professionals I have dealt with have been tool runners with no more than Helpdesk level skills.