Skip to main content

Applying for AppSec Engineer @ Riot

It's no surprise that attackers will use recruiters as targets for a compromise and like many companies, we've seen the usual applications with XSS and macros. Today I received something slightly different which I figured was worth sharing -

As you'd expect, the candidate details are fabricated so we can't progress :(

P.S. We are actually hiring in Dublin, Istanbul, St Louis and LA for security engineers:) 

Labels:

Comments

Post a Comment

Popular posts from this blog

Being a Support Engineer @ 10gen - Part 1

There's a mis-conception around the role of a "Support Engineer".  As a clue, it's not what Urban Dictionary   says   - A person whose job is to answer calls from customers of a small- to large-sized company...... They are teathered to a their desk all day via phone headset........ phone jockeys usually hate their jobs.......they are are paid well enough..........until they completely burn out, and hate everyone.   and doesn't always involve this - Image Source: http://half-bakedbaker.blogspot.ie/2009/11/cannoli-and-broken-computer.html As you can see  here , there's lots of open roles in  10gen  and more specifically with 10gen, in  Dublin . I thought I'd write this quick blog to explain what Support Engineers actually do and why I joined 10gen as a "Support Engineer". I could be wrong but didn't Google come up with term " Site Reliability Engineer " to do away with the stigma associated with being a...
Post a Comment
Read more

WAF versus DPI Firewall

This is a question, I've frequently been asked in recent years and in the last month, o n one of the internal mailing lists, in my old company, the following question was posted – In simple terms, what tasks is a Web Application Firewall (WAF) able to do that a Deep Inspection Firewall can't and why ? by one of my colleagues. Many of you may be surprised (I know I was initially) but this question still comes up an awful lot. Having answered the email (as a warning, I went into a lot of detail and plugged the awesome Security Onion ), I was requested to write a technical blog on the subject, but as I left the company soon after, the blog was never published. Therefore, to save me answering the question again, I thought I’d publish it so I can just reference the link in future J
6 comments
Read more

Being a Support Engineer @ 10gen - Part 2

So back in July, I wrote a blog post talking about my experiences being a so-called "phone jockey", i.e. a support engineer, for 10gen. For those cynics out there, it wasn't written by HR, modified by marketing or requested by management or anyone in our recruiting team - I wrote it off my own back because I've a tendency to do things off my own back I wanted to explain what being a "support engineer" actually meant and more specifically, what it entailed in a small, innovative, fun company like 10gen I now have somewhere to point people too when they ask my what life as a "support engineer" in 10gen is like to get kudos within 10gen and please management When I wrote the blog post, I intended it to be a once-off (why would anyone agree to writing a multi-part blog series) but I was encouraged to at least write a second post by @francium and she's very cool so I let it slide and agreed!!! One of the ideas that I had was talking ...
8 comments
Read more