CISO, supports @heidishmoo each year as she wrangles @shmoocon, periodic blacksmithing and leather work,
Joined January 2009
- Tweets 18,411
- Following 1,433
- Followers 8,260
- Likes 6,111
663 Photos and videos
May 19
I don’t post much here anymore, but for those that follow me… I’ll be doing a deep dive on OpenTelemetry data and Claude Code instrumentation at 3pm EDT today. Twitch.tv/turngate. See you there.
5
182
Bruce Potter retweeted
Jan 23
I started Granitt in 2022 to help journalists and other groups of at-risk people continue to do their work safely and securely. Please get in touch if you’re looking for an assessment, policy and process development, training, or presentation. techcrunch.com/2022/07/15/gr…
22
57
8,373
6 Nov 2025
Not entirely sure what @heidishmoo and @pwcrack are doing in this pic. :)
Some more images from the calm before #defconbahrain - our demo labs prepped for demonstration and the info desk ready to inform.
You can find out more #defcon at the #arabinternationalcybersecurityconference here:
defcon.org/html/defcon-bahra…
@NCSC_BH @AicsExpo
186
24 Mar 2025
Breaking twitter silence to call out this kind of messaging. Use of Signal for official business is a violation of federal record laws. Use of unapproved comms for classified discussion is also illegal. Disclosure to an unauthorized 3rd party is just a small part of the problem.
Spare me the “if the other side did it” bothsidesim. 13 Marines were not killed. The SecDef didn’t go missing without telling anyone. The SOS wasn’t a two faced liar to the public like Clinton. Yeah a hack journalist shouldn’t have been included in a convo on Signal. It’s a mistake that needs to be rectified.
But I see a VP thoughtfully pushing back while ultimately deferring to the President.
A SecDef putting plans together awaiting orders.
Miller asking what’s in it for America and how do you make Europe pay for our guarantees of trading routes.
A team working toward a conclusion privately the same way they present publicly.
2
5
25
2,304
Bruce Potter retweeted
27 Jan 2025
The people now in charge of the Office of Personnel Management apparently don’t know how to scrub PDF metadata, and have exposed the original authors of the guidance they’re publishing. Two, Noah Peters and James Sherk, have links to the Heritage Foundation and Project 2025.
797
10,833
54,070
3,539,101
Round one stats here: shmoocon.org/2024/11/01/roun…
3
15
3,210
Bruce Potter retweeted
10 Oct 2024
SSO shouldn’t be marketed and priced as an “enterprise” feature.
25
29
416
16,512
2 Oct 2024
Living in a town that was basically wiped out twice by water, 2 things
- Flood insurance isn’t really an option if you don’t live in a flood plain
- Flood insurance doesn’t cover “drainage issues”/flash floods. It’s a completely different beast, esp outside a flood plain
1 Oct 2024
One of the tragedies of Hurricane Helene is how few people had flood insurance.
I pulled data from FEMA for every county in North Carolina.
In most inland communities, less than 1% of homes were insured before the storm.
distilled.earth/p/hurricane-…
1
2
6
1,075
30 Sep 2024
I’m doing a talk this week on bad UI in cybersecurity. I’ve got my examples but I’m curious if anyone has some most (least?) favorites
4
2
4
1,027
Bruce Potter retweeted
7 Sep 2024
It's interesting to me how much cybersecurity discussion focuses on the widest parts of the funnel towards an attacker's goals rather than the narrower parts of the funnel. I've come to the conclusion that experts want to expert, so we bias towards shaping our work to require it.
9
7
40
5,959
Bruce Potter retweeted
6 Sep 2024
The US, Britain & the EU will soon sign the first-ever AI treaty after years of negotiations between 57 countries. This is a huge win for technological innovation and online safety, & a sign that AI can grow without putting the world's democracies at risk bit.ly/3TdSDXh
1
1
1
252
29 Aug 2024
I’m heading to Blue Team Con next week with a few other folks from Turngate. Stop by and say “hi” if you’re there turngate.io/blog/thinking-ab…
1
4
291
Bruce Potter retweeted
28 Aug 2024
Check out "GrrCON 2024" eventbrite.com/e/grrcon-2024… @
1
1
5
318
Bruce Potter retweeted
12 Aug 2024
@jp_bourget got the chance to sit down with the @defcon youtube channel and talk about how the Def Con Bike Ride came to be, and what it's like to participate. youtube.com/watch?v=hHvIKmgv…
1
2
274
12 Aug 2024
In the spirit of sso.tax, we gathered info on audit log retention from a bunch of SaaS vendors to help you navigate where your logs are and how long they’re retained. turngate.io/blog/saas-log-da…
We’re also starting our early access program. HMU if you’re interested
2
13
43
9,046
Bruce Potter retweeted
8 Aug 2024
Going to #DEFCON?
👀Looking to jump into a #CTF that won't kill your whole weekend?
Come checkout #HackFortress (@tf2shmoo), one of the longest running CTFs at DEF CON.
🖥️Hackers solve challenges for in game items for gamers.
🕹️Gamers play TF2 to pwn the other team!
1
4
14
854
7 Aug 2024
Welp, it’s about that time. A bunch of us convene in the desert and talk cybersecurity. To honor that tradition, we’ve launched our new website :) turngate.io/ lots more info available. Very close to GA
1
3
14
1,107