u/Visible_Donkey_7130

We rolled out a formal access request workflow last year proper approvals, audit trail. security was happy engineers were not.
four days average from request to access. not because approvals are slow but because requests route to resource owners who have other priorities and the escalation reminders don't really work.
two months in someone built a slack bot that auto-provisioned access to six internal systems based on team membership built it because four days is too long when you're blocked mid-sprint. no audit trail, nothing IT could see.
bot ran for six weeks before IT found it 34 engineers provisioned across systems that should have had individual approvals. IT shut it down. the engineers who built it said the formal system was the problem not the bot.
they were right about the four days.
every time someone raises it with security they come back to the same point  remove the friction and you remove the control.

has anyone actually found a way to make this work or is four days just the tax you pay for having governance at all.

I am seeing these 1000mg edibles pop up, cake carts and thc vapes everywhere. I tried one split with a buddy and took like 3 hours to kick in hard. felt like too much for us, i ended up couchlocked questioning life. who actually eats a full 1000mg? do you need insane tolerance from dabs or live carts or what? beginners what do you even do with these, split into 100 doses or something! onset time seems forever compared to a weed pen or gummies.

Does cookie based tracking even make sense anymore with users switching devices, blocking tracking, and caring more about privacy?

Getting into concentrates feels intimidating at first. the equipment, terminology, different types of wax and shatter. could online platforms help beginners and first smokers figure out all of this and find cheap bongs or thc disposable vapes or shroom carts or cake carts... whats the best way to start?

For me it was a quality grinder. Sounds basic but the consistency made a noticeable difference. Ive tried cheap carts before but they were hit or miss. Curious what others point to as the thing that actually changed how they enjoy their sessions not the most expensive purchase just the most impactful one. Like a percolator bong or thc disposable vape or something. What you got

i am about to order some shroom, gummies and a bong with percolator for the first time online. a lot of shops say discreet shipping but i think its just marketing, what does it really look like, plain box no labels or anything, anyone got pics or stories of what arrived?

Got a slack message this morning with a screenshot. competitor ranking in AI answers for a query we should own. boss wants an explanation by end of week i have nothing. we don't track AI brand visibility at all. no citation monitoring, no sentiment tracking, no idea how often we show up or don't across ChatGPT, Perplexity, Gemini

we do SEO and PPC fine but this whole AI search side has just been ignored and now it's a problem, manual prompt checks aren't going to cut it as an answer to a client or a boss

what are people using to track this properly. something that shows brand visibility, citations, sentiment shifts across AI platforms in one place

need to come back with something real not just a screenshot comparison.

i am trying to find something for my buddy whos deep into stuff already. he got a bong collection probably some percolator bongs and beaker ones too. quality grinder maybe or thc carts he wouldnt grab himself like cake cart or strawberry shortcake vape. what could surprises a guy like him?

Human identity gets all the governance attention. MFA enforcement, lifecycle management, access reviews, privileged account monitoring. Meanwhile the service account population sits in the gap between security, infrastructure, and application teams and nobody owns it.  Current state at our org: 2,100 human accounts under active governance. Approximately 6,400 service accounts and API keys across on-prem AD, cloud IAM roles, and SaaS platform credentials. Of those 6,400, named owner exists in any queryable system for maybe 30%. Credential rotation is manual and happens when someone remembers or when a rotation breaks something and forces the conversation. Roughly 350 carry admin or elevated permissions granted during initial setup and never scoped down after deployment. Both incidents in the past 18 months involved lateral movement through compromised service account credentials  old accounts, broad permissions, no active monitoring because nobody built the detection rules for non-human identities. Machine identity has the same attack surface as human identity with a fraction of the governance investment. What are people actually doing to manage this at scale?

I used to think tours were the “fun” part of the job. The creative part. The part clients get excited about. Lately, they feel like the riskiest part. Flights are delayed, but they usually still operate. Hotels overbook, but there’s almost always an alternative. Tours are different. One guide calling in sick, one weather issue, one missed minimum group size and the entire experience disappears. And when it does, it’s not just a refund problem. It’s a disappointed client standing in a city with their day suddenly empty.

I had a client in Lisbon whose full day was built around a Sintra tour. That tour canceled the morning of due to “operational issues.” By the time I woke up to the email, the client was already dressed, ready, and confused about what to do next. I spent the next three hours trying to rebuild their day remotely last-minute tickets, changing transport, finding something that still felt special.

That day made me realize tours aren’t just bookings. They’re time, emotions, expectations, and sometimes the entire point of the trip. Now I’m questioning whether experiences should be handled with their own process, rules, and client conversations not because of revenue, but because of how much impact and risk they actually carry. Do you approach tours differently than the rest of the itinerary?
Or do you treat them the same and just accept the chaos when it happens?