u/Exo_Skeleton99

Our security scanner just dumped another like 400 "CRITICAL VULNERABILITIES" into our sprint backlog, and I am so sooo tired. It's always the same shit, the scanner sees a package with a high CVSS score and goes crazy like everythings fallign apart (it basically never is) and i need to waste time figuring out if each of these matter and like 95% of the time they don't

Like three hours the other day tracking down a 9.8 critical alert only to find out it's inside an isolated container without public internet exposure with no IAM role or attack path to touch anything sensitive. Things are most of the time pretty much just dead ends and pose absolutely zero risk, but because our tool flagged it I have to go and manually validate everything and more time writing some bs justification on why we're not patching it and on and on and on. I'm just doing data entry at my job most of the time.

When there's an actual critical alert happening it's just going to be buried below a thousand bs fake critical vulnerability alerts and until then I'm just going through trash and doing data entry. Idk why leadership is making us do this (i guess just to inflate some dashboard kpis on vulnerability metrics or whatever) but I'm tired of this. Do you guys get to use your brains at work? I'm jealous.

Hey all, we've been trying to implement some tokenmaxxing into our team, just letting them go wild with tokens essentially for the past two months and it's been going great honestly in terms of team vibes and productivity so I'm pretty happy on that end, at the same time though the spend is getting a little insane.

I'm wondering, how do you guys track the spend and create strategies around it? Some of our engineers had their productivity increased and others didn't, I'm not entirely sure how to track the spend properly though to cut off spend on tools that aren't working out and incentivizing things that are.

What do you guys do in these scenarios? What do you recommend?

So my stepdad (56M) has severe kidney failure is looking for a transplant. His immediate family isn't compatible, so my mom told me (27M) to get myself tested. I'm a bit wary of the risks of a kidney transplant, so I was hoping the whole time that I wouldn't be compatible. The results came back and turns out I was. Even though I'm afraid of the transplant, I was considering it for a while as my stepdad is a great guy. He joined our family while I was in HS and took me like his own. When he married my mom, he told me that he'll take care of my tuition and other living costs for me.

I told my mom the results, but SPECIFICALLY asked her to keep it quiet for a few days so I could have some time to process it. At the same time, I was also hoping another donor would come in to help out. Alas, literally the next day the whole family was texting me and giving me their thanks already.

I didn't want to cave in to the pressure so I told them that I'll not be doing it. My stepdad was incredibly graceful and just said that he understands. The problem is my mom and other family members went absolute ballistic. They called me all sorts of names, and said that if it weren't for my step-dad we would've been out on the streets. I do think that she's right regarding that, but at the same time I'm just not ready to go through the whole operation. Also, it really left a bad taste in my mouth how I feel like they just EXPECT me to do it as if it's the easiest thing to do. While they don't have that same pressure put upon them as they're all incompatible. Anyways, I might still go back on my decision as I do have the time, but right now I'm just not sure.

AITAH?