MayaKaczorowski Profile Banner
Maya Kaczorowski Profile
Maya Kaczorowski

@MayaKaczorowski

Followers
10K
Following
28K
Media
883
Statuses
8K

I love puzzles almost as much as ice cream. she/her @[email protected]

San Francisco, CA
Joined March 2016
Don't wanna be here? Send us removal request.
@MayaKaczorowski
Maya Kaczorowski
1 month
What I've been up to the last few months: working on the untrendy but important problem of authorization in corporate environments. Check it out!.
@obliquesecurity
oblique
1 month
Identity management has quietly become the primary security perimeter. It's a mess. Identity requires constant manual work that security teams burn out from. At Oblique, we're helping organizations make their access controls actually maintainable:.
0
5
14
@MayaKaczorowski
Maya Kaczorowski
2 months
RT @InsecureNature: I asked @MayaKaczorowski (former Senior Director @github) about her thoughts about GitHub's identity system. Persona….
0
5
0
@MayaKaczorowski
Maya Kaczorowski
3 months
I'll be speaking on Friday at @bsidesseattle about authentication failures — see you there! 🏙️🏔️☕
Tweet media one
0
0
9
@MayaKaczorowski
Maya Kaczorowski
4 months
I'll be talking at BSidesSLC later this week on the evolution of authentication. come check it out!.
@BsidesSLC
BSidesSLC
4 months
👤→🤖 Auth has evolved from passwords to passkeys. now AI agents want in. At #BSidesSLC, @MayaKaczorowski explores:.-How auth broke.-What users expect now.-What comes next with AI identity. 🔐 Don't miss this one → .April 11th @ 11:30am
Tweet media one
0
0
8
@MayaKaczorowski
Maya Kaczorowski
4 months
RT @BsidesSLC: 👤→🤖 Auth has evolved from passwords to passkeys. now AI agents want in. At #BSidesSLC, @MayaKaczorowski explores:.-How au….
0
1
0
@MayaKaczorowski
Maya Kaczorowski
6 months
RT @dinodaizovi: "Instead of creating ‘AI agent’ permissions, fix your existing ones. [. ] You need separate read and write permissions fo….
Tweet card summary image
mayakaczorowski.com
0
13
0
@MayaKaczorowski
Maya Kaczorowski
8 months
Read the full analysis for detailed findings, including what security tools companies are building internally and why AI security wasn't a top concern:
Tweet card summary image
mayakaczorowski.com
1
12
46
@MayaKaczorowski
Maya Kaczorowski
8 months
What makes it worse?.- Vendor overload ("I fucking hate vendors" - actual quote).- Mystery asset ownership ("who owns this?!").- Explaining security to the board, who are still reusing passwords.
3
0
27
@MayaKaczorowski
Maya Kaczorowski
8 months
Top 3 technical nightmares:.- Access management: Death by 700+ tickets/month.- Vulnerability management: "We're at 2010 EDR levels here".- SaaS logs: Still emailing vendors for logs during incidents 😅.
1
4
38
@MayaKaczorowski
Maya Kaczorowski
8 months
I interviewed 57 security leaders to answer one question: What sucks in security right now? The answers were fascinating, frustrating, and occasionally funny 🧵.
8
38
169
@MayaKaczorowski
Maya Kaczorowski
9 months
i sent 30+ emails today 😱.
@MayaKaczorowski
Maya Kaczorowski
4 years
the problem with replying to emails is that they email you back.
1
0
16
@MayaKaczorowski
Maya Kaczorowski
9 months
RT @mattjay: What. The.
Tweet media one
0
1K
0
@MayaKaczorowski
Maya Kaczorowski
9 months
Rather than a security tool alerting the security team (in Slack), who then needs to find the right person to ping (also in Slack) — what if the tool just short circuited that and went right to the source (in Slack, of course)?.
Tweet card summary image
mayakaczorowski.com
1
3
18
@MayaKaczorowski
Maya Kaczorowski
10 months
realizing the support chatbot will let me talk to a real human if I speak Spanish. bueno! (I do not speak Spanish).
0
0
9
@MayaKaczorowski
Maya Kaczorowski
10 months
RT @iangcarroll: In April, @samwcyo and I discovered a way to bypass airport security via SQL injection in a database of crewmembers. Unfor….
Tweet card summary image
ian.sh
We discovered a serious vulnerability in the Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs used by the Transportation Security Administration.
0
650
0
@MayaKaczorowski
Maya Kaczorowski
10 months
I was on a panel for @PulumiCorp Up today. Check it out for a discussion on software supply chain security, secret management, and other trends in automating infra security:.
0
1
6
@MayaKaczorowski
Maya Kaczorowski
11 months
. so your SO doesn't make you fill out a postmortem after vacation?.
4
0
11
@MayaKaczorowski
Maya Kaczorowski
11 months
at what point is my side hustle just privacy class action lawsuits.
1
0
4
@MayaKaczorowski
Maya Kaczorowski
11 months
his spam: pegasus is recording you watch porn.my spam: join this board, your costco membership blah, we are not the same.
2
0
4
@MayaKaczorowski
Maya Kaczorowski
11 months
RT @PulumiCorp: Don't miss our PulumiUP expert panel: "Secrets and Policies - Automating Cybersecurity" featuring @MayaKaczorowski, @jmelle….
0
3
0