HACK Issue 004: Top bug bounty youtubers, Gartner acronym soup, and the pursuit of The Grand Shi
For my readers in the Eastern Hemisphere, you will be reading this from the future, in 2022. To the rest of us, we still have a few hours left to enjoy in 2021. Wherever you are, a happy new year to you!
Indeed the days are long, but the years are short. No time like the present to change your perspective, focus yourself in the new year to start a new habit. Just one. Start there and build the consistency muscle. What James Clear calls atomic habits.
My one new habit I want to establish is a consistent writing schedule. Part of the impetus for this newsletter is to force myself to write regularly. And I've been successful over the past month to publish HACK, but not, for instance, writing every day for 30 minutes at 12pm or something. It's a bit more like "let me squeeze it in at 7am on Friday."
Whatever your habit of focus is for 2022, I'd love to hear about it. Tweet it, email, DM me and let me know. We can keep each other accountable in the new year!
And now, without further ado, enjoy some final links and thoughts of 2021...
Security tweets and links
Top bug bounty YouTubers as chosen by Intigriti. Also, Heath has something to say to the hacker/cyber grifters.
LiveOverflow log4j, the sequel:
If you hack on HackerOne, make sure and check out your year in review!
I am continually impressed and amazed by @spaceraccoon. Such a prolific talent and just an amazing dude. Check out his incredible 2021 recap post: https://spaceraccoon.dev/2q21-new-years-reflections
Marketing thought of the week
Been doing lots of thinking and planning for 2022 with Lightspin this week, and analyst relations is definitely a part of that. This tweet by Matt made me chuckle.
I can definitely relate to the acronym soup that is cybersecurity vendor-speak: Make sure you handle your ASM alongside your CSPM and CWPP all wrapped up in this nice new CNAPP umbrella. It is bit silly - but if it wasn't Gartner giving these categories names, someone else would do it. Or the vendors/marketers like myself will (and we do) name a category specific to us. Because let's face it, every marketer wants to be well positioned in the category of choice, no one wants to be in the dreaded box on the lower left of the illustrious "magic quadrant" let alone any quadrant, magical or otherwise. The point is, categories do help buyers at least know where you stand, or where you think you stand to put it in context with the myriad of tools and solutions. It's a jungle out there.
Inspiration: The Higher Zweck and Grand Shi
Today's lesson takes us back to The Dao of Capital, which I talked about in Issue 001. The following section stood out to me:
Even ultimate ends identified by Clausewitz had a nested relationship, as the Zweck of winning the war was subordinate to a higher Zweck (the goal or end, also translated as "purpose") of a lasting peace. Such higher-order ends were known as "Grand shi" to the Daoists.
I pondered this in several ways: From the more macro perspective of life and not losing the forest for the trees (remember the days are long but the years are short). Or from the financial perspective which the book is focused on so make sure you keep the end goal in mind to achieve a roundabout strategy you may give some ground up now, but only to gain strength and win later on. But the question to leave you with today is "what is your personal "Higher Zweck"? Your "Grand shi"? What are you placed on this earth to accomplish? Go do that. Orient your habits, your life to make your purpose your reality.
Let's jump into 2022, helping each other discover and achieve our Grand shi.