Merritt Baer
@MerrittBaer
Followers
13,358
Following
7,821
Media
3,111
Statuses
22,780
CISO @recolabs_ai . Advisor @expansoIO @enkryptai . former: @AWS OCISO, US gov. emerging tech, infosec, security as code, future of internet
Miami, FL
Joined March 2012
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Vance
• 1094644 Tweets
#เทควันโด
• 527418 Tweets
Iraq
• 436103 Tweets
Stolen Valor
• 274576 Tweets
ETERNITY WITH BLACKPINK
• 241461 Tweets
Wisconsin
• 222495 Tweets
Kursk
• 217104 Tweets
BEST WISHES FOR SAROCHA
• 209892 Tweets
Trump 2024
• 158503 Tweets
#erişimengelinikaldır
• 131119 Tweets
ISIS
• 126047 Tweets
Tampon Tim
• 124170 Tweets
Eau Claire
• 91023 Tweets
Walthamstow
• 66826 Tweets
Zubimendi
• 57205 Tweets
Vienna
• 56844 Tweets
Brighton
• 50818 Tweets
Quincy Hall
• 40104 Tweets
Chidimma
• 36121 Tweets
Home Affairs
• 35634 Tweets
$XRP
• 33813 Tweets
Nelly
• 32227 Tweets
Bon Iver
• 23563 Tweets
Ferdi
• 23277 Tweets
Stona
• 22833 Tweets
#الاتحاد_انتر_ميلان
• 20274 Tweets
Esra Yıldız Kahraman
• 13604 Tweets
Entourage
• 11975 Tweets
D'Tigress
• 11584 Tweets
FURIALEX EN CARAJO
• 11111 Tweets
Pinned Tweet
After working for 5.5 years in security at AWS, and before that, all 3 branches of USG,
I am now working in young (private) companies.
I decided to start a daily thread 🧵on some of the things I’ve learned.
(Feel free to DM or reply with your own! Bookmark for daily updates.)
11
15
249
Colleagues had a car broken into and laptops stolen in downtown Mountain View last night while we were at dinner. We wondered how they knew to break into the hatchback when it is not see- through.
They turn on bluetooth scanners and follow the beacon to find electronics.
177
1K
3K
The sheer number of AWS resignations in the last week is stunning.
75
78
1K
Bill for $895 for ER visit (the one that made me miss defcon this summer!)
Requested an itemized bill.
They still haven’t sent that! but instead, sent an “offer of settlement” that I pay *half* of the amount they claimed I owe.
Wow.
72
45
1K
It's not that I dislike cryptocurrency, it's that I dislike *cryptocurrency people*
35
61
926
if you're in an interview (with me, anyway) and I ask a technical question you don't know,
the answer "I don't know but I'd look it up [here insert where you'd look to find it]" and then describe the approach you'd take
that is totally fine. it's not a "gotcha" game.
29
74
715
Hotel guy: "crypto, you invest in that?"
Me:"nah cryptography. Like...math."
25
20
712
Everyone knows "technical debt" (stuff you have but don't need). I'm coining "policy debt" to refer to the policies enshrining "but we've always done it this way" practices.
Password policies are a lot of this.
21
186
640
“Sleep when the baby sleeps”
Yeah!
I’ll just do laundry when the baby does laundry.
23
30
625
PSA: if you have prod data in a non-prod account,
It is now a prod account.
29
90
588
Do other people re-read their “sent” emails just to reassure themselves that it was right? I have this habit of annoying myself by revisiting them after I’ve hit send.
66
12
552
Ok friends-- an ask.
I have a friend who quit his job as a Denver cop tonight. His wife went to high school with me.
Any ideas? He's up for whatever-- could do sales, office management, etc. 2 year degree. They're looking at maybe TX as a fresh start.
88
93
524
the use of the acronym CSAM for cybersecurity awareness month is really not sitting well with me 🥴
41
35
517
If you work in tech and I should follow you but I don't already, please send a hi to this.
👋
532
15
528
It’s official: I’m a CISO ;)
(Yes, again. I’ll keep making this mistake I promise 😂)
Cc
@recolabs_ai
82
14
449
Let’s start a thread of some of the *worst* advice you ever got.
I’ll start: “don’t negotiate pay, just perform well and they’ll promote you.”
44
17
417
today is the day! 🪇
my first day as Field CISO at
@Lacework
(many thanks to many folks including
@mistwire
,
@elchefe
,
@continuousec
,
@ChanceKelch
,
@mjasay
,
@cioontherun
,
@RyanOrsi
, and many other industry and
@awscloud
friends!)
(thread)
85
10
411
I literally don’t understand the “Kamala is not a biological mother” argument.
None of our previous presidents have given birth either. 🤷🏻♀️
40
35
401
I don't do "debates." I'm an engineer--I solve problems.
AWS, & I, personally, care deeply about making the secure thing, the easiest thing, to do. That's a tough aspiration & I spend my life on it.
Thank you to this supportive community, all who replied so I didn't need to.
💜
11
14
387
91
7
279
OK hear me out tho:
Can I hire him? 🤷🏻♀️
Arion Kurtaj, member of LAPSU$, and the individual behind the GTA 6 hack and Uber breach, sentenced to life in hospital prison
More information:
67
167
1K
51
30
380
Went to a friend’s dinner party tonight. On the way in the door, asked “everyone’s vaxxed right?!”
No, 2 ppl aren’t.
Making dinner at home.
25
6
371
Every smart person I know (including / especially me) spends a lot of time figuring out how to tell their brain to turn off
26
28
345
my flight attendant just got her cloud practitioner certification and we're gonna refer her to aws jobs, fam. yes we are. (she told me bc i'm in my same crypto shirt on the plane.)
16
6
346
Me: any questions?
Man in audience: So I have a couple cloud servers in the office, they might be AWS. How do I know AWS can't see my data?
50
27
339
Free idea: instead of parties, sponsor childcare at big conferences.
I would remember and love that brand way more than if you gave me a free drink.
18
62
333
Lololol someone at Google got a decent marketing budget for this
29
19
328
My hotel coffee attendant told me that I’m very pretty “for an American”
and you know what? I’ll take it. I’ve seen Miss Venezuela.
12
3
328
PSA: stop asking women when they're having another kid. (Or any kids.)
14
17
283
@robbaragonleon
@Paracelsus1092
@PerrinClemence3
There are a number of native dialects and by the way you don’t seem that good at English yourself
3
3
263
suggested interview question:
What's a security issue that disproportionately impacts a vulnerable class of people in America or around the world?
46
30
256
one more reminder not to use the acronym CSAM for cybersecurity awareness month
16
40
246
companies: I want to hire "true" security people!
also companies: they don't enjoy our all-hands meetings like I want them to! why are they so weird?
🥸
22
20
248
Not sure when "you should be in therapy" became a slur.
We should all be in therapy.
12
26
232
Just wondering the last time you were a part of a security team instead of reading about one.
When I read about a "SOC," "IR team," "threat hunting team," and "threat intelligence team" all being individual entities, I feel something has gone terribly wrong in the development and organization of defensive capabilities over the last 10 years. It feels overspecialized.
51
32
262
27
17
231
Speaking engagement just offered $ and childcare, including the night before.
So classy.
8
8
229
Did I get a tiny twinge of satisfaction when the AWS security folks told me how much work they had to shoulder bc I left?
…yes😆
9
1
224
Any company that has a slide that says "military grade encryption!" has a CTO who's either embarrassed or not very smart.
15
18
206
remember when we said we'd provide (for free) the same training amazon employees get? here it is:
(feel free to incorporate it into your entity's curriculum, build from it, etc.)
5
56
203
I think TSA should pay this lady who is redteaming the shit out of them.
6
19
199
I love when companies tout "military grade encryption" as if the military uses some special brand of math 🤪
28
7
194
17
0
135
Actually, world-class engineers (some at world-class tech companies) keep telling you how math/cryptography works, & you appear to be wilfully ignoring reality.
Attorney General Barr statement: "I am confident that our world-class technology companies can engineer secure products that protect user information and allow for lawful access."
34
10
47
13
44
184
I worked (for AWS) through my entire pregnancy/ maternity leave and honestly wish we wouldn’t keep acting like this is a good badge of honor.
Judith Love Cohen was an American aerospace engineer who helped create the Abort-Guidance System that rescued the Apollo 13 astronauts.
When she went into labor, she went to work.
She took a printout of a problem she was working on to the hospital. She called her boss and
444
5K
52K
17
8
187
It is nice to go outside and feel a little bit of normalcy
16
0
180
If you are a random sales or solutions architect at my company and your LinkedIn profile says “CISO,”
I *will* notice.
24
3
175
it grinds my gears when people tell women aspiring to careers in security "you don't need to be technical!" like yeah but you don't need to NOT be technical either.
if you learned it, she can too. and she'll likely make more if she does. let's say the real story.
12
23
167
Woman next to me on the plane is having heavy anxiety bc we’re flying through turbulence and I just reassured her that it’s totally fine we’re not gonna die. Or we will and then you don’t need to send that email.
Maybe I’m not helping.
21
1
163
News update:
I'm "Tier 1" AWS certified for speaking engagements.
Bring on your keynotes for 2020
14
5
161
The hotel lights made kind of a vampire effect but vampires are in, right?
26
0
159
Let’s do a round up of the tropes we hate because they’re ridiculous/inaccurate/unuseful.
I’ll start:
Military grade encryption
Data is the new oil
It’s not a matter of if, but when (you get attacked)
People are the weakest link (in security)
Add your favorites!
49
15
161
Kids have to be the ultimate example of a woman doing all the work on a group project, and a man putting his name on it at the end.
11
9
159
12
3
156
wishlist: hotels that would rent for the day instead of overnight. I'm often in a city from 8am-8pm, and having a reservation that only guarantees me a quiet spot until 11am or after 3 or 4pm isn't great.
do other folks have ideas that work here?
29
3
156
I put on “real clothes” for a tech happy hour. Please applaud.
19
1
156
Apparently AWS security engineers in Austin decided to pwn the coffee machine...
13
28
153
so it turns out PTO with a 2 yr old is not very restful... I'm exhausted 😆🥴
20
3
153
I want to go to church but one where there’s nothing to do with god it’s just community and music and food. Maybe a quick workout and we take turns watching the kids.
48
3
153
I’m running for president on a campaign to ban leaf blowers
53
4
152
Let's refocus on something positive:
Friday is my baby's birthday!
12
0
151
Yes, my belt is a MacBook charging cable. Yes, I am wearing it all day.
23
1
149
This is Merritt. She is approx 100 years old and looks only half that.
This is Chuando Tan.
He is 58 years old and looks like he's in his late 20's or early 30's.
Here are his secrets to looking half his age:
1K
6K
62K
18
1
150
Just got nominated for a 40 under 40 list with a media company, should I tell them that I’m 40? 😹
28
1
148
it *is* always DNS
but it's ALSO
*always* compromised credentials
7
17
142
Good morning
Happy first day to me as CISO at
@recolabs_ai
!
If you want to talk SaaS security (and who doesn’t?!) reach out for a conversation!
26
5
145
I'm just a girl
sitting in front of a computer
wishing I were drinking tequila
13
2
141
What’s your non-tech escape hatch plan? Mine is to start a wedding venue on a Vietnamese island 🏝️👰🏽
104
2
140
A vaccinated person can get Covid. They just don’t tend to die.
Meanwhile I have a baby who cannot be vaccinated, but to whom I could transmit.
So YEAH you did miss some science.
6
15
142
Picanha Friday lunch…better than a restaurant if I dare say so myself
22
1
141
Tell me this cloud doesn’t look like Godzilla on a surfboard 🏄♀️
20
4
141
I think I'm really starting to blend in with the security world 🙃
30
0
137
When someone says they do "cybersecurity," I just tell them, I've worked for the government too.
9
4
138
Today is my dad’s birthday. I was 19 when he died and it’s been 19 years.
26
0
134